Hardcoded credentials

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory owned by a non-root user, a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem...

CVE-2021-20401

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196075...

Hardcoded credentials

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 191748...

Hardcoded credentials

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196075...

CVE-2021-20401

IBM QRadar SIEM CVE-2021-20401 involves hard-coded credentials. Affected products are IBM QRadar SIEM versions 7.3 (7.3.0–7.3.3 Patch 7) and 7.4 (7.4.0–7.4.2 Patch 2). The underlying issue is use of hard-coded passwords or cryptographic keys for inbound authentication, outbound communication, or ...

CVE-2020-21995

Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...

Hardcoded credentials

Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...

Hardcoded credentials

Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page...

Hardcoded credentials

Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page...

Hardcoded credentials

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Junip...

Hardcoded credentials

The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameters, including hardcoded...

Hardcoded credentials

The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to...

Hardcoded credentials

Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled...

Hardcoded credentials

On Xiaomi router AX1800 rom version 1.0.336 and RM1800 root version 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password...

Hardcoded credentials

The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded encryption key, used to encrypt the submission of username/password details during the authentication process, as demonstrated by Mobile@Work aka com.mobileiron. The key is in the...

Hardcoded credentials

The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 all firmware versions prior to 02A04.1...

Hardcoded credentials

The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 all firmware versions prior to 02A04.1...

Hardcoded credentials

SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code, and there is no key for publicsp which is a guest account...

GE Grid Solutions UR 信任管理问题漏洞

GE Grid Solutions UR is an embedded operating system from GE Grid Solutions, France. It provides high-performance protection, scalable I/O, integrated monitoring and metering, high-speed communications, and extensive programming and configuration capabilities. A trust management issue vulnerabili...

Hardcoded credentials

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the ventilator allow attackers with physical access to obtain admin privileges for the device’s configuration interface...