1189 matches found
CVE-2024-31810
TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
CVE-2024-35395
TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...
CVE-2024-35396
TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password for telnet in /webcste/cgi-bin/product.ini, which allows attackers to log in as root...
CVE-2024-36080
Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...
CVE-2024-36556
Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh, and Forever KidsWatch Call Me 2 KW60 R36CWYDES4A292V1.02023.05.2422.49.44cobb have a Hardcoded password vulnerability...
CVE-2024-36556
Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh, and Forever KidsWatch Call Me 2 KW60 R36CWYDES4A292V1.02023.05.2422.49.44cobb have a Hardcoded password vulnerability...
CVE-2024-36556
Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh, and Forever KidsWatch Call Me 2 KW60 R36CWYDES4A292V1.02023.05.2422.49.44cobb have a Hardcoded password vulnerability...
PT-2025-5847 · Forever · Forever Kidswatch Call Me 2 Kw60 +1
Name of the Vulnerable Software and Affected Versions: Forever KidsWatch Call Me KW50 version 1.0 Forever KidsWatch Call Me 2 KW60 version 1.0 Description: The issue is related to a hardcoded password, which poses a significant security risk. This allows unauthorized access to the devices...
CVE-2024-36556
The CVE-2024-36556 entry concerns Forever KidsWatch Call Me KW50 (v1.0) and Forever KidsWatch Call Me 2 KW60 (v1.0) with a hardcoded password vulnerability affecting the cob_b components. Multiple connected sources corroborate the vulnerability name and affected devices, describing a hardcoded pa...
CVE-2024-36556
Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh, and Forever KidsWatch Call Me 2 KW60 R36CWYDES4A292V1.02023.05.2422.49.44cobb have a Hardcoded password vulnerability...
CVE-2022-1162
A hardcoded password was set for accounts registered using an OmniAuth provider e.g. OAuth, LDAP, SAML in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts...
CVE-2024-50690
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...
CVE-2024-50690
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...
CVE-2024-50690
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...
CVE-2024-50690
CVE-2024-50690 affects SunGrow WiNet-SV200.001.00.P027 and older; the root cause is a hardcoded password embedded in the WiNet WebUI that can be used to decrypt all firmware updates. This enables an attacker to decrypt firmware updates, potentially compromising device integrity and exposing updat...
PT-2025-2883 · Sungrow · Sungrow Winet-Sv200
Name of the Vulnerable Software and Affected Versions: SunGrow WiNet-SV200 versions 0.001.00.P027 and earlier Description: The issue concerns a hardcoded password in the affected versions. This password can be used to decrypt all firmware updates. Recommendations: For SunGrow WiNet-SV200 versions...
CVE-2024-50690
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...
CVE-2024-57811
In Eaton X303 3.5.16 - X303 3.5.17 Build 712, an attacker with network access to a XC-303 PLC can login as root over SSH. The root password is hardcoded in the firmware. NOTE: This vulnerability appears in versions that are no longer supported by Eaton...
CVE-2024-57811
In Eaton X303 3.5.16 - X303 3.5.17 Build 712, an attacker with network access to a XC-303 PLC can login as root over SSH. The root password is hardcoded in the firmware. NOTE: This vulnerability appears in versions that are no longer supported by Eaton...
CVE-2024-57811
CVE-2024-57811 affects Eaton X303 firmware 3.5.16–3.5.17 Build 712. An attacker with network access to the XC-303 PLC can log in as root over SSH because the root password is hardcoded in the firmware. The advisory notes these vulnerable versions are no longer supported by Eaton. No patch/version...