IBM Concert Encryption Problem Vulnerability (CNVD-2026-16880)

IBM Concert is an enterprise-class collaboration and project management software from IBM. A security vulnerability exists in IBM Concert versions 1.0.0 through 2.2.0 that stems from fixed authentication information embedded in the software. An attacker could exploit the vulnerability to obtain...

CVE-2025-9497 Hardcoded Upgrade Decryption Passwords

Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...

CVE-2025-9497 Hardcoded Upgrade Decryption Passwords

Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...

OpenUI 信任管理问题漏洞

OpenUI is an open-source UI program developed byWeights & Biases. Versions of OpenUI 1.0 and earlier had a trust management vulnerability, which was caused by incorrect handling of the parameter LITELLMMASTERKEY, resulting in hardcoded credentials...

CVE-2021-27146

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / CUadmin credentials for an ISP...

CVE-2021-27148

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded telecomadmin / nE7jA%5m credentials for an ISP...

CVE-2021-27155

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 3UJUh2VemEfUtesEchEC2d2e credentials for an ISP...

CVE-2021-27151

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded rootmet / m3tr0r00t credentials for an ISP...

CVE-2021-27164

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / aisadmin credentials for an ISP...

CVE-2021-27157

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 888888 credentials for an ISP...

CVE-2021-27159

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded useradmin / 888888 credentials for an ISP...

CVE-2016-20026

ZKTeco ZKBioSecurity 3.0 contains hardcoded credentials in the bundled Apache Tomcat server that allow unauthenticated attackers to access the manager application. Attackers can authenticate with hardcoded credentials stored in tomcat-users.xml to upload malicious WAR archives containing JSP...

WordPress plugin Addi 信任管理问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

Exploit for CVE-2024-51347

CVE-2024-51347: Unauthenticated Remote Code Execution in LSC I...

Harbor 安全漏洞

Harbor is an open-source registry developed by Harbor Open Source. It protects artifacts through policy-based and role-based access control, ensures that images are scanned for vulnerabilities, and signs images as trustworthy. Versions of Harbor prior to 2.15.0 have security vulnerabilities; thes...

KlinikaXP Klinika XP和KlinikaXP Insertino 信任管理问题漏洞

KlinikaXP and KlinikaXP Insertino are software products developed by the Polish company KlinikaXP, used for managing medical clinics. They offer features such as appointment management, patient records, and billing processing. Previous versions of Klinika XP 5.39.01.01.01 and KlinikaXP Insertino...

QNAP Systems QuNetSwitch 信任管理问题漏洞

QNAP Systems QuNetSwitch is a network management software developed by QNAP Systems, a company based in Taiwan, China. It provides centralized switch management and network configuration monitoring capabilities. Previous versions of QNAP Systems QuNetSwitch, such as 2.0.5.0906, had a vulnerabilit...

CVE-2026-30701

The web interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 contains hardcoded credential disclosure mechanisms in the form of Server Side Include within multiple server-side web pages, including login.shtml and settings.shtml. These pages embed server-side execution directives...

CVE-2026-30701

The web interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 contains hardcoded credential disclosure mechanisms in the form of Server Side Include within multiple server-side web pages, including login.shtml and settings.shtml. These pages embed server-side execution directives...

CVE-2026-30701

The CVE-2026-30701 affects the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02). The vulnerability arises from hardcoded credential disclosure mechanisms using Server Side Include across server-side pages such as login.shtml and settings.shtml, which dynamically retrieve and expose the web ...