CVE-2025-25570

Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials...

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...

CVE-2025-25570

Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials...

CVE-2025-25729

An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 allows attackers to obtain hardcoded cleartext credentials via the update or boot process...

CVE-2025-25570

Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials...

CVE-2025-25729

An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 allows attackers to obtain hardcoded cleartext credentials via the update or boot process...

CVE-2025-25729

CVE-2025-25729 concerns a data disclosure in Bosscomm IF740 firmware (versions 11001.7078 & v11001.0000) and System versions 6.25 & 6.00. The root cause is information exposed via the update or boot process, enabling an attacker to obtain hardcoded cleartext credentials. The CVE entry and related...

CVE-2025-25570

CVE-2025-25570 affects Vue Vben Admin 2.10.1, with a broken authentication flaw caused by hardcoded credentials that allows unauthorized login to the backend. The Nuclei template explicitly documents a default-credentials scenario and the Red Hat/NVD entries reiterate unauthorized backend access ...

PT-2025-9029

Name of the Vulnerable Software and Affected Versions Vue Vben Admin version 2.10.1 Description The issue allows unauthorized login to the backend due to an problem with hardcoded credentials. Recommendations For Vue Vben Admin version 2.10.1, update to a version that removes the hardcoded...

CVE-2025-25570

Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials...

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...

CVE-2024-50688

SunGrow iSolarCloud Android app (v2.1.6.20241017 and earlier) uses hardcoded MQTT credentials for device telemetry, with the same credentials in the app and cloud. The vulnerability is described as enabling attackers to gain unauthorized access to user accounts and potentially execute arbitrary c...

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...

CVE-2024-57790

IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...

CVE-2024-57790

IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...

CVE-2023-26566

Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface ARI, which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API...

CVE-2024-36049

Aptos Wisal payroll accounting before 7.1.6 uses hardcoded credentials in the Windows client to fetch the complete list of usernames and passwords from the database server, using an unencrypted connection. This allows attackers in a machine-in-the-middle position read and write access to personal...

CVE-2024-57790

IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...