CVE-2021-27161

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 1234 credentials for an ISP...

CVE-2021-27161

The CVE-2021-27161 issue affects FiberHome HG6245D devices (RP2613) where the web daemon ships with hardcoded admin credentials (admin/1234). The connected sources confirm the vulnerability and root cause as a hardcoded credential in the device’s web interface, enabling an attacker with network a...

CVE-2021-27162

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP...

CVE-2021-27162

CVE-2021-27162 affects FiberHome HG6245D devices (via RP2613). The web daemon stores a hardcoded credential (user tattoo@home) that can enable unauthorized access. Public data provided include CVSS2/3.1 scores (7.5/9.8) indicating high to critical impact. No exploitation details or fixes are desc...

CVE-2021-27163

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / tele1234 credentials for an ISP...

CVE-2021-27164

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / aisadmin credentials for an ISP...

CVE-2021-27164

CVE-2021-27164 affects FiberHome HG6245D devices (RP2613). The web daemon stores hardcoded credentials (admin/aisadmin), enabling potential unauthorized access to the device. Documented impact in CVE data indicates high-risk metrics (CVSSv3.1: 9.8, HIGH confidentiality/integrity/availability) and...

FiberHome HG6245D devices 信任管理问题漏洞

FiberHome HG6245D devices is a router from FiberHome, China. It provides network connectivity. A trust management issue vulnerability exists in the FiberHome HG6245D devices, which can be exploited by an attacker to attack vulnerable components using default passwords or hard-coded passwords,...

FiberHome HG6245D 信任管理问题漏洞

The HG6245D is an FTTH ONT router from FiberHome. A hardcoded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hardcoded user/8888888 credentials against an ISP. No details of the vulnerability are provided at this time...

FiberHome HG6245D devices 信任管理问题漏洞

The HG6245D is an FTTH ONT router from FiberHome. A hardcoded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hardcoded user/tattoo@home credentials against an ISP. No details of the vulnerability are provided at this time...

Hardcoded credentials

Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page...

Hardcoded credentials

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The Dropbear SSH daemon has been modified to accept an alternate hard-coded path to a public key that allows root access. This key is stored in a /rom location that cannot be modified by the device owner...

Hardcoded credentials

The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit...

Hardcoded credentials

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of...

Hardcoded credentials

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump allows attackers with physical access to change insulin therapy settings...

Hardcoded credentials

In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker for unauthorized access to remote data...

Hardcoded credentials

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0, SCALANCE X-200RNA switch family All versions V3.2.7. Devices create a new unique key upon factory reset...

Hardcoded credentials

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...

Hardcoded credentials

HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks...

Hardcoded credentials

HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system...