CVE-2013-5755

CVE-2013-5755 affects Yealink IP Phone SIP-T38G. The public records disclose a hardcoded credential issue in the web interface: config/.htpasswd contains user (s7C9Cx.rLsWFA), admin (uoCbM.VEiKQto), and var (jhl3iZAe./qXM) passwords, enabling remote access via unspecified vectors. Connected sourc...

CVE-2014-2951

Datum Systems SnIP on PSM-500 and PSM-4500 devices has a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors...

Hardcoded credentials

Datum Systems SnIP on PSM-500 and PSM-4500 devices has a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-2951

Datum Systems SnIP on the PSM-500/PSM-4500 satellite modem devices contains a hardcoded admin password (admin) for the admin account, enabling remote attackers to gain access via unspecified vectors. CVE-2014-2951 is rated CVSS v2 base 10.0 (Network, no auth, complete confidentiality, integrity a...

CVE-2014-2951

Datum Systems SnIP on PSM-500 and PSM-4500 devices has a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-2969

NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to 1 produceburn.cgi, 2...

CVE-2014-2969

The CVE-2014-2969 entry concerns NETGEAR NETGEAR GS108PE Prosafe Plus switches (firmware 1.2.0.5). A hard-coded credential pair, ntgruser:debugpassword, exists in the device and can be used via CGI endpoints (produce_burn.cgi, register_debug.cgi, bootcode_update.cgi) to gain access and upload fir...

CVE-2014-2969

NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to 1 produceburn.cgi, 2...

CVE-2013-7382

VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...

Hardcoded credentials

VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...

CVE-2013-7382

VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...

CVE-2013-7382

VICIDIAL dialer (Asterisk GUI client) versions 2.8-403a, 2.7, 2.7RC1 and earlier are affected by a hardcoded credential vulnerability. The root cause is a hardcoded password, donotedit, assigned to the VDAD and VDCL user accounts, which could allow remote attackers to gain access. This CVE detail...

CVE-2014-0354

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request...

Hardcoded credentials

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request...

CVE-2014-0354

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request...

CVE-2014-0354

The CVE-2014-0354 entry concerns ZyXEL Wireless N300 NetUSB NBG-419N routers with firmware 1.00(BFQ.6)C0 that have a hardcoded password (qweasdzxc) used to login to index.asp via HTTP, enabling a remote attacker on the LAN to obtain login access. The linked NVD record confirms the issue and its i...

Quantum DXi V1000 2.2.1 - Static SSH Key

Quantum DXi® V-Series is a virtual deduplication backup appliance that protects physical and virtual data across remote sites, the datacenter and cloud deployments. Details: ---------- 0x01 - Default root user The root user has a hardcoded password that is unknown and not changeable. Normally...

Quantum DXi V1000 2.2.1 - Static SSH Key

Quantum DXi V1000 2.2.1 - Static SSH Key ----------- Author: ----------- xistence ------------------------- Affected products: ------------------------- Quantum DXi V1000 2.2.1 and below ------------------------- Affected vendors: ------------------------- Quantum http://quantum.com/...

Quantum DXi V1000 2.2.1 - Static SSH Key

----------- Author: ----------- xistence ------------------------- Affected products: ------------------------- Quantum DXi V1000 2.2.1 and below ------------------------- Affected vendors: ------------------------- Quantum http://quantum.com/ ------------------------- Product description:...

Quantum DXi V1000 2.2.1 SSH Key / Root User

----------- Author: ----------- xistence ------------------------- Affected products: ------------------------- Quantum DXi V1000 2.2.1 and below ------------------------- Affected vendors: ------------------------- Quantum http://quantum.com/ ------------------------- Product description:...