3032 matches found
CVE-2024-57790
CVE-2024-57790 affects IXON B.V. IXrouter IX2400 (Industrial Edge Gateway) v3.0. A hardcoded root credential stored in non-volatile flash enables physically proximate attackers to obtain root access via UART or SSH. The vulnerability is categorized with physical attack vector, low authentication,...
PT-2025-6758 · Ixon B.V. · Ixrouter Ix2400
Name of the Vulnerable Software and Affected Versions: IXON B.V. IXrouter IX2400 Industrial Edge Gateway version 3.0 Description: The issue concerns hardcoded root credentials stored in the non-volatile flash memory. This allows physically proximate attackers to gain root access via UART or SSH...
CVE-2024-46436
Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...
CVE-2024-46429
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...
Billion Electric M100、M150和M120N 信任管理问题漏洞
The Billion Electric M100, among others, is a wireless router from China-based Shengda Electric Billion Electric. The Billion Electric M100, M150, and M120N are vulnerable to a trust management issue vulnerability that stems from embedded Linux credentials that are hardcoded. An attacker could...
CVE-2024-46436
Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...
CVE-2024-46436
Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...
CVE-2024-46429
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...
CVE-2024-46429
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...
CVE-2024-46429
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...
CVE-2024-46436
Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...
CVE-2024-46429
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...
CVE-2024-46436
CVE-2024-46436 : Affects Tenda W18E device with firmware V16.01.0.8(1625). Public data states hardcoded credentials enable unauthenticated remote attackers to gain root access via the telnet service. This is consistent across multiple sources in the connected set. Root access via telnet constitut...
PT-2025-6094 · Tenda · Tenda W18E
Name of the Vulnerable Software and Affected Versions: Tenda W18E version V16.01.0.81625 Description: The issue concerns hardcoded credentials in the Tenda W18E device, allowing unauthenticated remote attackers to gain root access to the device over the telnet service. This enables attackers to...
CVE-2024-46429
CVE-2024-46429 concerns a hardcoded credentials vulnerability in the Tenda W18E web management portal. Affected component: W18E device web interface (V16.01.0.8(1625)). Root cause: presence of a default guest account with administrative privileges that can be used by unauthenticated remote attack...
CVE-2024-46436
Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...
CVE-2022-4333
Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines...
CVE-2020-6265
SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce Data Hub, versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been configured by the system administrator due to the use of Hardcoded Credentials...
CVE-2024-28751
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials...
CVE-2024-4844
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator ePO on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...