PT-2024-22247 · Unify · Unify Cp Ip Phone

Name of the Vulnerable Software and Affected Versions: Unify CP IP Phone version 1.10.4.3 Description: The issue is related to weak credentials, specifically a hardcoded root password, in the firmware. Recommendations: For Unify CP IP Phone version 1.10.4.3, consider changing the hardcoded root...

CVE-2024-28066

CVE-2024-28066 affects Unify CP IP Phone firmware 1.10.4.3. The root cause is a hardcoded root password enabling weak credentials, rated CVSSv3.1: 8.8 (HIGH) with Adjacent access, no user interaction required. The Red Hat/NVD/CVE entries corroborate the issue; exploitation status is not documente...

CVE-2024-28066

In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used a hardcoded root password...

TELSAT marKoni FM Transmitter 1.9.5 - Backdoor Account Information Disclosure

TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters Firmware: 1.9.5 1.9.3 1.5.9 1.4.6 1.3.9...

CVE-2022-47036

Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been revealed via a brute force attack on an MD5 hash. It can be used for "debug login" by an admin. NOTE: the vulnerability is not fixed by the 2.1.1 firmware; instead, it is fixed in newer hardware,...

CVE-2022-47036

CVE-2022-47036 affects Siklu TG Terragraph devices before ~2.1.1. A hardcoded root password was revealed via a brute-force attack on an MD5 hash and can be used for a (admin) debug login. The vulnerability is not fixed by firmware 2.1.1; remediation is to move to newer hardware (which would typic...

BIT-GITLAB-2022-1162

A hardcoded password was set for accounts registered using an OmniAuth provider e.g. OAuth, LDAP, SAML in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts...

CVE-2023-4539 Hardcoded password in Comarch ERP XL

Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Comarch ERP XL installations. This issue affects ERP XL: from 2020.2.2 through 2023....

CVE-2023-4539 Hardcoded password in Comarch ERP XL

Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Comarch ERP XL installations. This issue affects ERP XL: from 2020.2.2 through 2023....

PT-2024-14214 · Allegra · Allegra

Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to bypass authentication on affected installations of Allegra. The specific flaw exists within the configuration of a database, resulting from the use of ...

Allegra Hard-coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a database. The issue results from the use of a hardcoded password. An...

CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750A1FWv101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session...

CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750A1FWv101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session...

CVE-2024-22853

CVE-2024-22853 affects the D-LINK Go-RT-AC750 device with firmware GORTAC750_A1_FW_v101b03, where a hardcoded Alphanetworks password allows remote attackers to obtain root access via a telnet session. Public details in the connected documents confirm the vulnerability type (hardcoded credentials)...

CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750A1FWv101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session...

CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750A1FWv101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session...

PT-2024-1692 · D Link · D-Link Go-Rt-Ac750

Name of the Vulnerable Software and Affected Versions: D-LINK Go-RT-AC750 version GORTAC750 A1 FW v101b03 Description: The issue is related to a hardcoded password for the Alphanetworks account in the D-LINK Go-RT-AC750 router, allowing remote attackers to obtain root access via a telnet session...

TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account

Summary Professional FM transmitters. Description The transmitter has a hidden super administrative account 'factory' that has the hardcoded password 'inokram25' that allows full access to the web management interface configuration. The factory account is not visible in the users page of the...

TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vulnerability

TELSAT marKoni FM Transmitter version 1.9.5 has a hidden super administrative account factory that has the hardcoded password inokram25 that allows full access to the web management interface configuration. TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vendor: TELSAT Srl Product web page:...

TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account

TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters Firmware: 1.9.5 1.9.3 1.5.9 1.4.6 1.3.9...