Lucene search
K

104 matches found

Cvelist
Cvelist
added 2019/12/11 6:7 p.m.24 views

CVE-2013-3542

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WPHD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!/" with the same password, which makes it easier for remote attackers to obtain access vi...

9.4AI score0.02602EPSS
Exploits2References2
CVE
CVE
added 2019/12/11 6:7 p.m.69 views

CVE-2013-3542

CVE-2013-3542 affects Grandstream GXV series (e.g., GXV3501/3504/3601/3601HD/LL/3611/3615W/P/3651FHD/3662HD/3615WP_HD/3500) with firmware 1.0.4.11. The issue is a hardcoded account "!#/" enabling remote TELNET access, exposing high-severity risk (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H; ba...

10CVSS9.2AI score0.02602EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2019/11/11 2:15 p.m.6 views

CVE-2019-18852

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/imagesign or /etc/alphaconfig/imagesign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 for DCN, DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842...

9.8CVSS7.3AI score0.01541EPSS
Exploits1References1
CNVD
CNVD
added 2019/10/31 12:0 a.m.3 views

Mitsubishi Electric smartRTU and Inea ME-RTU Trust Management Issue Vulnerability (CNVD-2019-47031)

Mitsubishi Electric smartRTU is an intelligent Remote Terminal Unit RTU from Mitsubishi Electric, Japan.Inea ME-RTU is an intelligent communication gateway product from Inea, Slovenia. A trust management issue vulnerability exists in Mitsubishi Electric smartRTU version 2.02 and earlier and INEA...

10CVSS6.9AI score0.02343EPSS
Exploits1References1
NVD
NVD
added 2018/08/24 7:29 p.m.22 views

CVE-2017-12577

An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password "admin:password" is used in the Android application that allows attackers to use a hidden API URL "/goform/SystemCommand" to execute any command with root permission...

10CVSS9.5AI score0.01455EPSS
Exploits1References1
CVE
CVE
added 2018/08/24 7:0 p.m.56 views

CVE-2017-12577

CVE-2017-12577 affects PLANEX CS-QR20 (version 1.30). The Android app ships a hardcoded credential (admin:password) that can be used to access a hidden API URL /goform/SystemCommand, enabling an attacker to execute arbitrary commands with root privileges. This is tied to the Web UI component and ...

10CVSS9.3AI score0.01455EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/06/21 3:29 p.m.14 views

CVE-2018-12526

Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account...

10CVSS9.5AI score0.02295EPSS
Exploits0References2
OSV
OSV
added 2018/06/21 3:29 p.m.3 views

CVE-2018-12526

Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account...

9.8CVSS5.8AI score0.02295EPSS
Exploits0References2
Prion
Prion
added 2018/06/21 3:29 p.m.11 views

Hardcoded credentials

Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account...

10CVSS9.4AI score0.02295EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2018/06/21 3:0 p.m.16 views

CVE-2018-12526

Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account...

9.5AI score0.02295EPSS
Exploits0References2
CVE
CVE
added 2018/06/21 3:0 p.m.44 views

CVE-2018-12526

CVE-2018-12526 affects Telesquare SDT-CS3B1 and SDT-CW3B1 devices up to firmware 1.2.0, due to a default factory account that enables remote TELNET access via a hardcoded credential. Connected sources (NVD, CNVD, CVE records) consistently describe the root cause as a hardcoded default account; ex...

10CVSS9.4AI score0.02295EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/06/19 7:29 p.m.20 views

CVE-2018-6210

D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session...

10CVSS9.3AI score0.03053EPSS
Exploits0References1
CVE
CVE
added 2018/06/19 7:0 p.m.55 views

CVE-2018-6210

The CVE-2018-6210 entry concerns D-Link DIR-620 routers with a Rostelekom variant of firmware 1.0.37 that ship a hardcoded rostel account. The underlying risk is that an unauthenticated remote attacker can obtain access via TELNET, enabling privileged router access (the OS/user account context fr...

10CVSS9.1AI score0.03053EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/05/08 4:29 a.m.4 views

CVE-2017-17540

The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell...

9.8CVSS5.8AI score0.02078EPSS
Exploits0References2
NVD
NVD
added 2018/05/08 4:29 a.m.17 views

CVE-2017-17540

The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell...

10CVSS9.4AI score0.02078EPSS
Exploits0References2
OSV
OSV
added 2018/05/08 4:29 a.m.4 views

CVE-2017-17539

The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell...

9.8CVSS5.8AI score0.02078EPSS
Exploits0References2
CNVD
CNVD
added 2018/05/08 12:0 a.m.4 views

Fortinet FortiWLC Hardcoded Account Vulnerability (CNVD-2018-10699)

FortiWLC is a wireless controller from Fortinet. A hard-coded account vulnerability exists in versions 7.0.11 and earlier of Fortinet FortiWLC. An attacker can exploit this vulnerability via a remote shell to gain unauthorized read/write access...

10CVSS7.1AI score0.02078EPSS
Exploits0References1
CVE
CVE
added 2018/05/07 2:0 p.m.57 views

CVE-2017-17540

CVE-2017-17540 concerns Fortinet FortiWLC 8.3.3, where a hardcoded account creates unauthorized read/write access via a remote shell. Connected sources corroborate a hardcoded credential issue in FortiWLC 8.3.3 with remote shell access enabling reading/writing capabilities. The exact root cause, ...

10CVSS9.3AI score0.02078EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/05/07 2:0 p.m.52 views

CVE-2017-17539

CVE-2017-17539 concerns Fortinet FortiWLC up to version 7.0.11, where a hardcoded account grants an attacker with network access unauthorized read/write via a remote shell. The underlying issue is a hardcoded credential that persists across versions prior to the remediation. Impact described in t...

10CVSS9.4AI score0.02078EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2018/05/07 2:0 p.m.9 views

CVE-2017-17540

The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell...

7.4AI score0.02078EPSS
Exploits0References2
Rows per page
Query Builder