Lucene search
K

1189 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 2:42 a.m.12 views

CVE-2024-31810

TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

9.8CVSS7.5AI score0.00615EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/13 11:47 p.m.10 views

CVE-2024-35395

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

8.8CVSS7.4AI score0.00451EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/13 11:30 p.m.18 views

CVE-2024-35396

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password for telnet in /webcste/cgi-bin/product.ini, which allows attackers to log in as root...

9.8CVSS7.4AI score0.00554EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/13 5:23 p.m.12 views

CVE-2024-36080

Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...

9.8CVSS7.1AI score0.00551EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/08 6:51 a.m.6 views

CVE-2024-36556

Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh, and Forever KidsWatch Call Me 2 KW60 R36CWYDES4A292V1.02023.05.2422.49.44cobb have a Hardcoded password vulnerability...

9.1CVSS7.1AI score0.00327EPSS
Exploits0References1
NVD
NVD
added 2025/02/06 6:15 p.m.11 views

CVE-2024-36556

Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh, and Forever KidsWatch Call Me 2 KW60 R36CWYDES4A292V1.02023.05.2422.49.44cobb have a Hardcoded password vulnerability...

9.1CVSS0.00327EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/06 12:0 a.m.10 views

CVE-2024-36556

Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh, and Forever KidsWatch Call Me 2 KW60 R36CWYDES4A292V1.02023.05.2422.49.44cobb have a Hardcoded password vulnerability...

0.00327EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/06 12:0 a.m.4 views

PT-2025-5847 · Forever · Forever Kidswatch Call Me 2 Kw60 +1

Name of the Vulnerable Software and Affected Versions: Forever KidsWatch Call Me KW50 version 1.0 Forever KidsWatch Call Me 2 KW60 version 1.0 Description: The issue is related to a hardcoded password, which poses a significant security risk. This allows unauthorized access to the devices...

9.1CVSS7.4AI score0.00327EPSS
Exploits0References4
CVE
CVE
added 2025/02/06 12:0 a.m.44 views

CVE-2024-36556

The CVE-2024-36556 entry concerns Forever KidsWatch Call Me KW50 (v1.0) and Forever KidsWatch Call Me 2 KW60 (v1.0) with a hardcoded password vulnerability affecting the cob_b components. Multiple connected sources corroborate the vulnerability name and affected devices, describing a hardcoded pa...

9.1CVSS7.4AI score0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/06 12:0 a.m.6 views

CVE-2024-36556

Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh, and Forever KidsWatch Call Me 2 KW60 R36CWYDES4A292V1.02023.05.2422.49.44cobb have a Hardcoded password vulnerability...

9.4AI score0.00327EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 10:49 p.m.16 views

CVE-2022-1162

A hardcoded password was set for accounts registered using an OmniAuth provider e.g. OAuth, LDAP, SAML in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts...

9.8CVSS6.6AI score0.76177EPSS
Exploits3References1
OSV
OSV
added 2025/01/24 11:15 p.m.5 views

CVE-2024-50690

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...

6.5CVSS5.8AI score0.00238EPSS
Exploits0References1
NVD
NVD
added 2025/01/24 11:15 p.m.32 views

CVE-2024-50690

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...

6.5CVSS0.00238EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/24 12:0 a.m.9 views

CVE-2024-50690

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...

6.6AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 2025/01/24 12:0 a.m.62 views

CVE-2024-50690

CVE-2024-50690 affects SunGrow WiNet-SV200.001.00.P027 and older; the root cause is a hardcoded password embedded in the WiNet WebUI that can be used to decrypt all firmware updates. This enables an attacker to decrypt firmware updates, potentially compromising device integrity and exposing updat...

6.5CVSS7.3AI score0.00238EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.5 views

PT-2025-2883 · Sungrow · Sungrow Winet-Sv200

Name of the Vulnerable Software and Affected Versions: SunGrow WiNet-SV200 versions 0.001.00.P027 and earlier Description: The issue concerns a hardcoded password in the affected versions. This password can be used to decrypt all firmware updates. Recommendations: For SunGrow WiNet-SV200 versions...

6.5CVSS6.8AI score0.00238EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/24 12:0 a.m.30 views

CVE-2024-50690

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...

0.00238EPSS
Exploits0References1
NVD
NVD
added 2025/01/13 10:15 p.m.5 views

CVE-2024-57811

In Eaton X303 3.5.16 - X303 3.5.17 Build 712, an attacker with network access to a XC-303 PLC can login as root over SSH. The root password is hardcoded in the firmware. NOTE: This vulnerability appears in versions that are no longer supported by Eaton...

9.1CVSS0.00417EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 12:0 a.m.6 views

CVE-2024-57811

In Eaton X303 3.5.16 - X303 3.5.17 Build 712, an attacker with network access to a XC-303 PLC can login as root over SSH. The root password is hardcoded in the firmware. NOTE: This vulnerability appears in versions that are no longer supported by Eaton...

7.2AI score0.00417EPSS
Exploits0References1
CVE
CVE
added 2025/01/13 12:0 a.m.32 views

CVE-2024-57811

CVE-2024-57811 affects Eaton X303 firmware 3.5.16–3.5.17 Build 712. An attacker with network access to the XC-303 PLC can log in as root over SSH because the root password is hardcoded in the firmware. The advisory notes these vulnerable versions are no longer supported by Eaton. No patch/version...

9.1CVSS6.6AI score0.00417EPSS
Exploits0References1
Rows per page
Query Builder