Hardcoded credentials

IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671...

PT-2024-1678 · Tp Link · Tp-Link Tapo Apk

Name of the Vulnerable Software and Affected Versions: TP-Link Tapo APK up to v2.12.703 Description: The issue is related to the use of hardcoded credentials for access to the login panel in the TP-Link Tapo APK. This allows a remote attacker to gain unauthorized access to protected information...

SolarWinds Access Rights Manager Hardcoded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a RabbitMQ instance. The issue results from the use...

Hardcoded credentials

An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...

Hardcoded credentials

Phlox com.phlox.simpleserver aka Simple HTTP Server 1.8 and com.phlox.simpleserver.plus aka Simple HTTP Server PLUS 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K encryption key. The threat is from a man-in-the-middle attacker who can intercept and potentially modify data during transmissio...

Hardcoded credentials

VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user...

Hardcoded credentials

IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220...

PT-2023-8171 · Oracle +1 · Mysql Server +1

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. The flaw exists within the configuration of a MySQL instance, resulting from...

Hardcoded credentials

NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key...

PT-2023-7601 · Sonicwall · Sonicwall Wan Acceleration (Wxa) 5000 Virtual Appliance

Name of the Vulnerable Software and Affected Versions: SonicWall WAN Acceleration WXA 5000 Virtual Appliance affected versions not specified Description: The issue is related to the use of hardcoded credentials in the virtual device management service. This could allow a remote attacker to bypass...

Hardcoded credentials

Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server...

Hardcoded credentials

EzViz Studio v2.2.0 is vulnerable to DLL hijacking...

Hardcoded credentials

The password for access to the debugging console of the PoWer Controller chip PWC of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III 3V3 - 2.0 TD...

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

Hardcoded credentials

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

PT-2023-18906 · Zumtobel · Zumtobel Netlink Ccd Onboard

Name of the Vulnerable Software and Affected Versions: Zumtobel Netlink CCD Onboard versions 3.74 through 3.79 Description: The issue concerns hardcoded credentials for the Administrator account. Recommendations: For Zumtobel Netlink CCD Onboard versions 3.74 through 3.79, update to Firmware 3.80...

CVE-2023-23324

CVE-2023-23324 affects Zumtobel Netlink CCD Onboard: vulnerable in firmware 3.80 with prior 3.74—3.79 releases. The root cause is hardcoded administrator credentials embedded in the device, enabling unauthorized admin access if exploited. Documented impact is severe (admin-level access could lead...

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...