1186 matches found
CVE-2024-36080
CVE-2024-36080 affects Westermo EDW-100 serial-to-Ethernet converters up to 2024-05-03, with a hidden root user and a hard-coded password that cannot be changed. The vulnerability enables high-impact, unauthenticated access (CVSS v3.1 base score 9.8) and potential credential disclosure. Public so...
CVE-2024-36080
Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...
CVE-2024-36080
Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...
CVE-2024-34211
TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...
CVE-2024-34211
TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...
CVE-2024-31810
TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
CVE-2024-31810
TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
CVE-2024-33867
An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt...
PT-2024-25522 · Linqi · Linqi
Name of the Vulnerable Software and Affected Versions: linqi versions prior to 1.4.0.1 Description: An issue was discovered in linqi where there is a hardcoded password salt. Recommendations: For versions prior to 1.4.0.1, update to version 1.4.0.1 or later to resolve the issue...
CVE-2024-31810
TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
CVE-2024-31810
The CVE-2024-31810 entry affects TOTOLINK EX200 with version 4.0.3c.7646_B20201211, where a hardcoded root password exists in the file /etc/shadow.sample. This root-credential vulnerability enables high-privilege access and aligns with the documented CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I...
CVE-2024-31810
TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
PT-2024-24219 · Totolink · Totolink Ex200
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7646 B20201211 Description: A hardcoded password for the root user was found in the /etc/shadow.sample file. Recommendations: For TOTOLINK EX200 version 4.0.3c.7646 B20201211, consider changing the hardcoded...
CVE-2024-34211
Totolink CP450 v4.1.0cu.747_B20191224 contains a hardcoded password in /etc/shadow.sample that can allow an attacker to log in as root. CVSSv3.1 measures a high impact (8.8) with adjacent attack vector and no potential user interaction. Connected sources provide concrete details: affected softwar...
CVE-2024-34211
TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...
CVE-2024-34211
TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...
PT-2024-25745 · Totolink · Totolink Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: The issue is related to a hardcoded password vulnerability found in the /etc/shadow.sample file. This vulnerability allows attackers to log in as root. Recommendations: For TOTOLINK...
PT-2024-4478 · Westermo · Westermo Edw-100
Name of the Vulnerable Software and Affected Versions: Westermo EDW-100 devices through 2024-05-03 Description: The issue is related to a hidden root user account with a hardcoded password that cannot be changed in Westermo EDW-100 devices. This could allow a remote attacker to disclose informati...
CVE-2024-28066
In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used a hardcoded root password...
CVE-2024-28066
In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used a hardcoded root password...