Hardcoded credentials

An issue was discovered in Pulse Policy Secure PPS and Pulse Connect Secure PCS Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and...

IBM Verify Gateway (IVG) Hardcoded Credentials Vulnerability

IBM Verify Gateway IVG is a cloud-based authentication solution from IBM in the United States. A hard-coded credentials vulnerability exists in IBM Verify Gateway IVG. An attacker could exploit the vulnerability to obtain credentials such as passwords or encryption keys...

Hardcoded credentials

Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2020-10287 RVD#3326: Hardcoded default credentials on IRC 5 OPC Server

The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we found multiple production systems running these exact default...

PT-2020-3116 · Cisco · Cisco Sd-Wan Solution

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN Solution Software affected versions not specified Description: The issue is related to the use of hardcoded credentials in the Cisco SD-WAN solution. An unauthenticated, local attacker could access an affected device by using an...

CDATA OLTs Backdoor / Privilege Escalation / Information Disclosure Vulnerabilities

Various CDATA OLTs suffer from backdoor access with telnet, credential leaks, shell escape with root privileges, denial of service, and weak encryption algorithm vulnerabilities. Advisory Information Title: Multiple vulnerabilities found in CDATA OLTs Advisory URL:...

ZyXEL CloudCNM SecuManager Trust Management Issues Vulnerability

ZyXEL CloudCNM SecuManager is a set of network management software from Taiwan, China-based ZyXEL. The software supports centralized control, device management and intelligent monitoring. A trust management issue vulnerability exists in ZyXEL CloudCNM SecuManager version 3.1.0 and 3.1.1, which...

ZyXEL CloudCNM SecuManager Trust Management Issues Vulnerability

ZyXEL CloudCNM SecuManager is a set of network management software from Taiwan, China-based ZyXEL. The software supports centralized control, device management and intelligent monitoring. A trust management issue vulnerability exists in ZyXEL CloudCNM SecuManager version 3.1.0 and 3.1.1. The...

CVE-2020-15324

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmppconfig.py file that stores hardcoded credentials...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmppconfig.py file that stores hardcoded credentials...

CVE-2020-15324

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmppconfig.py file that stores hardcoded credentials...

CVE-2020-15324

CVE-2020-15324 concerns Zyxel CloudCNM SecuManager versions 3.1.0 and 3.1.1. The issue arises from the file axess/opt/axXMPPHandler/config/xmpp_config.py being world-readable and containing hardcoded credentials. This linkage enables potential exposure of sensitive credentials stored within the c...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account...