MonoCMS Blog 1.0 - Arbitrary File Deletion (Authenticated)

Exploit Title: MonoCMS Blog 1.0 - Arbitrary File Deletion Authenticated Date: 2020-09-20 Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: https://monocms.com/download Software Link: https://monocms.com/download Version: 1.0 Tested On: Windows 10 XAMPP CVE: N/A Proof of...

Hardcoded credentials

Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior...

Hardcoded credentials

A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code ...

CVE-2018-20432

D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration...

Hardcoded credentials

The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets...

Hardcoded credentials

D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration...

CVE-2018-20432

D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration...

CVE-2018-20432

CVE-2018-20432 affects D-Link COVR-2600R and COVR-3902 Kit prior to firmware version 1.01b05Beta01. The issue is hardcoded credentials for the telnet service, enabling unauthenticated privileged access and potential data extraction or configuration modification. A PoC exists showing steps to reve...

CVE-2018-17771

Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N...

CVE-2018-17767

Ingenico Telium 2 POS terminals have hardcoded PPP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N...

Hardcoded credentials

Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N...

Hardcoded credentials

Ingenico Telium 2 POS terminals have hardcoded PPP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N...

CVE-2018-17767

Ingenico Telium 2 POS terminals have hardcoded PPP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N...

CVE-2018-17767

Summary : CVE-2018-17767 affects Ingenico Telium 2 POS terminals due to hardcoded PPP credentials. The connected sources confirm the vulnerability and state the issue is fixed in Telium 2 SDK v9.32.03 patch N. Affected component : Ingenico Telium 2 POS terminals (SDK level). Root cause : hardcode...

PT-2020-8621 · Ingenico · Ingenico Telium 2

Name of the Vulnerable Software and Affected Versions: Ingenico Telium 2 POS terminals versions prior to Telium 2 SDK v9.32.03 patch N Description: The issue concerns hardcoded PPP credentials in Ingenico Telium 2 POS terminals. This allows unauthorized access. The problem is resolved in Telium 2...

PT-2020-8625 · Ingenico · Ingenico Telium 2

Name of the Vulnerable Software and Affected Versions: Ingenico Telium 2 POS terminals versions prior to Telium 2 SDK v9.32.03 patch N Description: The issue concerns hardcoded FTP credentials in Ingenico Telium 2 POS terminals. This allows unauthorized access. The problem is fixed in Telium 2 SD...

COVR 3902 1.01B0 Hardcoded Credentials Vulnerability

Title: Telnet Hardcoded Credentials Summary: The latest versions of the firmware have hardcoded default credentials that can be exploited by an unauthenticated attacker to gain privileged access to the firmware and to extract sensitive data Affected Firmware: COVR-3902REVAROUTERFIRMWAREv1.01B0 CV...

PT-2020-3947 · D Link · D-Link Covr-2600R +1

Name of the Vulnerable Software and Affected Versions: D-Link COVR-2600R and COVR-3902 Kit versions prior to 1.01b05Beta01 Description: The issue is related to the use of hardcoded credentials for telnet connections, allowing unauthenticated attackers to gain privileged access to the router. This...

Hardcoded credentials

Use of a hard-coded cryptographic key in Pancake versions 4.13.29 allows an attacker to forge session cookies, which may lead to remote privilege escalation...

COVR 3902 1.01B0 Hardcoded Credentials

Title: Telnet Hardcoded Credentials Summary: The latest versions of the firmware have hardcoded default credentials that can be exploited by an unauthenticated attacker to gain privileged access to the firmware and to extract sensitive data Affected Firmware: COVR-3902REVAROUTERFIRMWAREv1.01B0 CV...