CVE-2025-32985

NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files...

CVE-2025-32985

NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files...

CVE-2025-32985

NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files...

CVE-2025-32985

CVE-2025-32985 affects NETSCOUT nGeniusONE prior to version 6.4.0 b2350. Root cause: hardcoded credentials embedded in a JAR file, enabling credential disclosure that leads to a high-impact loss of confidentiality, integrity, and availability (CVSS 3.1 base score 9.8). The vulnerability is descri...

PT-2025-17943 · Netscout · Netscout Ngeniusone

Name of the Vulnerable Software and Affected Versions: NETSCOUT nGeniusONE versions prior to 6.4.0 b2350 Description: The issue concerns hardcoded credentials in NETSCOUT nGeniusONE that can be obtained from JAR files. Recommendations: For versions prior to 6.4.0 b2350, update to version 6.4.0...

CVE-2025-28230

Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access hardcoded administrator credentials...

CVE-2025-3426

We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...

CVE-2024-41794

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. Affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This could allow unauthenticated remote attackers to gain full access to a device, if they ar...

CVE-2024-41794

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. Affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This could allow unauthenticated remote attackers to gain full access to a device, if they ar...

CVE-2024-41794

The CVE-2024-41794 entry refers to Siemens SENTRON 7KT PAC1260 Data Manager (All versions) with hardcoded credentials enabling remote root access. Affected devices could be accessed unauthenticated remotely if SSH is enabled, potentially allowing full device compromise. The related CVE-2024-41793...

CVE-2024-41794

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. Affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This could allow unauthenticated remote attackers to gain full access to a device, if they ar...

PT-2025-15392 · Senron · Senron 7Kt Pac1260 Data Manager

Name of the Vulnerable Software and Affected Versions: SENRON 7KT PAC1260 Data Manager affected versions not specified Description: A vulnerability has been identified where affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This...

CVE-2025-3426

We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...

CVE-2025-3426 Use of default hardcoded credentials

We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...

CVE-2025-3426

The CVE-2025-3426 entry describes lack of reverse engineering protections in Philips IntelliSpace Portal binaries, enabling discovery of hardcoded credentials. Affected products are IntelliSpace Portal 12 and earlier and Advanced Visualization Workspace 15. Technical details from connected source...

CVE-2025-3426 Use of default hardcoded credentials

We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...

PT-2025-15271 · Philips · Advanced Visualization Workspace +1

Name of the Vulnerable Software and Affected Versions: Intellispace Portal versions 12 and prior Advanced Visualization Workspace version 15 Description: The issue is related to the lack of protection mechanisms in the Intellispace Portal binaries, making it possible for attackers to...

Esri Portal for ArcGIS < Security 2025 Update 1 Hardcoded Credentials

The version of Esri Portal for ArcGIS installed is missing Security 2025 Update 1. It is, therefore, affected by a hardcoded credentials vulnerability: - A hardcoded credential vulnerability exists in a specific deployment pattern for Esri Portal for ArcGIS versions 11.4 and below that may allow ...

CVE-2025-2538

A hardcoded credential vulnerability exists in a specific deployment pattern for Esri Portal for ArcGIS versions 11.4 and below that may allow a remote unauthenticated attacker to gain administrative access to the system...

CVE-2025-30137

An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for ports 9091 and 9092. The GNET mobile application contains hardcoded credentials that provide unauthorized access to the dashcam's API endpoints on ports 9091 and 9092. Once the GNET SSID is connected to...