Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1186 matches found

Vulnrichment
Vulnrichmentadded 2024/06/10 11:18 a.m.15 views

CVE-2024-3699 Hardcoded password in drEryk Gabinet

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. The password is the same among all drEryk Gabinet installations.This issue affects drEryk Gabinet software versions from 7.0.0.0 through 9.17.0.0...

9.3CVSS6.7AI score0.00126EPSS
Exploits0References3
Cvelist
Cvelistadded 2024/06/10 11:18 a.m.22 views

CVE-2024-3699 Hardcoded password in drEryk Gabinet

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. The password is the same among all drEryk Gabinet installations.This issue affects drEryk Gabinet software versions from 7.0.0.0 through 9.17.0.0...

9.3CVSS0.00126EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/06/10 11:13 a.m.19 views

CVE-2024-1228 Hardcoded password in Eurosoft Przychodnia

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. The password is the same among all Eurosoft Przychodnia installations. This issue affects Eurosoft Przychodnia software before version 20240417.001 from that version...

9.3CVSS6.7AI score0.00126EPSS
Exploits0References3
OSV
OSVadded 2024/06/03 9:15 p.m.1 views

CVE-2024-36782

TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

9.8CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2024/06/03 9:15 p.m.12 views

CVE-2024-36782

TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

9.8CVSS7.1AI score0.00373EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/06/03 8:9 p.m.12 views

CVE-2024-36782

TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

7.1AI score0.00373EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/06/03 12:0 a.m.2 views

PT-2024-27160 · Totolink · Totolink Cp300+

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP300 version 2.0.4-B20201102 Description: A hardcoded password vulnerability was discovered in /etc/shadow.sample, allowing attackers to log in as root. This issue enables unauthorized access to the system. Recommendations: For...

9.8CVSS6.8AI score0.00373EPSS
Exploits0References6
OSV
OSVadded 2024/05/24 4:15 p.m.3 views

CVE-2024-35396

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password for telnet in /webcste/cgi-bin/product.ini, which allows attackers to log in as root...

9.8CVSS5.8AI score0.00131EPSS
Exploits0References2
NVD
NVDadded 2024/05/24 4:15 p.m.11 views

CVE-2024-35396

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password for telnet in /webcste/cgi-bin/product.ini, which allows attackers to log in as root...

9.8CVSS7.1AI score0.00131EPSS
Exploits0References2
OSV
OSVadded 2024/05/24 4:15 p.m.2 views

CVE-2024-35395

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

8.8CVSS5.8AI score0.00111EPSS
Exploits0References2
NVD
NVDadded 2024/05/24 4:15 p.m.9 views

CVE-2024-35395

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

8.8CVSS7.1AI score0.00111EPSS
Exploits0References2
CVE
CVEadded 2024/05/24 3:59 p.m.71 views

CVE-2024-35395

CVE-2024-35395 affects TOTOLINK CP900L (v4.1.5cu.798_B20221228). A hardcoded password in /etc/shadow.sample allows an attacker to log in as root. Impact is root access with high severity (CVSS v3.1: 8.8; Network attack, low privileges required, no user interaction). Connected sources confirm the ...

8.8CVSS7.4AI score0.00111EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2024/05/24 3:59 p.m.24 views

CVE-2024-35395

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

7.1AI score0.00111EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/05/24 3:59 p.m.15 views

CVE-2024-35395

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

7.5AI score0.00111EPSS
Exploits0References2
CVE
CVEadded 2024/05/24 3:54 p.m.55 views

CVE-2024-35396

TOTOLINK CP900L v4.1.5cu.798_B20221228 is affected by a hardcoded password for telnet stored in /web_cste/cgi-bin/product.ini, enabling root login. The CVE entry does not specify a fixed fix; multiple connected sources reference mitigation ideas (e.g., disabling telnet, patching firmware), but no...

9.8CVSS7.4AI score0.00131EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2024/05/24 3:54 p.m.21 views

CVE-2024-35396

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password for telnet in /webcste/cgi-bin/product.ini, which allows attackers to log in as root...

7.1AI score0.00131EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/05/24 3:54 p.m.15 views

CVE-2024-35396

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password for telnet in /webcste/cgi-bin/product.ini, which allows attackers to log in as root...

7.5AI score0.00131EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/05/24 12:0 a.m.2 views

PT-2024-26476 · Totolink · Totolink Cp900L

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900L version 4.1.5cu.798 B20221228 Description: A hardcoded password issue was found in the /etc/shadow.sample file, allowing attackers to log in as root. Recommendations: For TOTOLINK CP900L version 4.1.5cu.798 B20221228, consider...

8.8CVSS7.1AI score0.00111EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/05/24 12:0 a.m.2 views

PT-2024-3807 · Totolink · Totolink Cp900L

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900L version 4.1.5cu.798 B20221228 Description: The issue is related to a hardcoded password for telnet in the /web cste/cgi-bin/product.ini file, allowing attackers to log in as root. This is due to the use of predefined credentia...

10CVSS7.2AI score0.00131EPSS
Exploits0References4
NVD
NVDadded 2024/05/19 8:15 p.m.10 views

CVE-2024-36080

Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...

9.8CVSS9.7AI score0.00107EPSS
Exploits0References1
Rows per page
Query Builder