
3044 matches found

Prion
added 2013/06/05 12:55 a.m. | 20 views

Hardcoded credentials

Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors...

7.5 CVSS | 7.4 AI score | 0.01095 EPSS
Exploits 0 | References 3 | Affected Software 1
securityvulns
added 2013/06/05 12:0 a.m. | 49 views

Zavio IP cameras multiple security vulnerabilities

Hardcoded credentials, code execution, weak permissions...

2.5 AI score | 0.48539 EPSS
Exploits 9 | References 1
Prion
added 2013/05/23 5:55 p.m. | 13 views

Hardcoded credentials

TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session...

10 CVSS | 7.2 AI score | 0.02251 EPSS
Exploits 0 | References 1
securityvulns
added 2013/05/04 12:0 a.m. | 52 views

D-Link IP cameras multiple security vulnerabilities

Code execution, authentication bypass, hardcoded credentials, information leakage...

2.5 AI score | 0.40353 EPSS
Exploits 10 | References 1
OpenVAS
added 2013/04/09 12:0 a.m. | 35 views

Aastra IP Telephone Hardcoded Credentials (Telnet)

Aastra IP Telephone is using known hardcoded credentials...

7.4 AI score
Exploits 0 | References 3
Prion
added 2013/03/14 3:13 a.m. | 19 views

Hardcoded credentials

(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/groupdumpupdate.pl, (5) deb-specific/sshdumpupdate.pl, (6) deb-specific/userdumpupdate.pl, (7) plugins/scmbzr/common/BzrPlugin.class.php, (8) plugins/scmcvs/common/CVSPlugin.class.php, (9)...

6.9 CVSS | 6.7 AI score | 0.00374 EPSS
Exploits 0 | References 9 | Affected Software 1
Prion
added 2013/03/11 5:55 p.m. | 23 views

Hardcoded credentials

360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a hardcoded password for the root account, which makes it easier for remote attackers to execute arbitrary code, or modify video content or scheduling, via an SSH session...

10 CVSS | 8.1 AI score | 0.03799 EPSS
Exploits 0 | References 1
Prion
added 2013/02/15 12:9 p.m. | 14 views

Hardcoded credentials

Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors...

5 CVSS | 7.2 AI score | 0.01925 EPSS
Exploits 0 | References 2 | Affected Software 1
Prion
added 2013/01/15 9:55 p.m. | 23 views

Hardcoded credentials

The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors...

7.5 CVSS | 6.6 AI score | 0.00812 EPSS
Exploits 0 | References 4 | Affected Software 2
Prion
added 2012/12/23 9:55 p.m. | 18 views

Hardcoded credentials

Carlo Gavazzi EOS-Box with firmware before 1.0.0.10802.1.10 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by reading a password in a PHP script, a similar issue to CVE-2012-5862...

10 CVSS | 7.2 AI score | 0.11946 EPSS
Exploits 1 | References 1 | Affected Software 1
Prion
added 2012/12/23 9:55 p.m. | 16 views

Hardcoded credentials

Siemens RuggedCom Rugged Operating System ROS before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network...

4.3 CVSS | 6.9 AI score | 0.01134 EPSS
Exploits 0 | References 4 | Affected Software 4
Prion
added 2012/11/28 1:55 a.m. | 24 views

Hardcoded credentials

The Samsung printer firmware before 20121031 has a hardcoded read-write SNMP community, which makes it easier for remote attackers to obtain administrative access via an SNMP request...

7.5 CVSS | 7.2 AI score | 0.08015 EPSS
Exploits 1 | References 1 | Affected Software 1
Tenable Nessus
added 2012/10/25 12:0 a.m. | 23 views

Novell ZENworks Asset Management rtrlet Component GetFile_Password Method Hardcoded Credentials Information Disclosure

The remote host has a version of Novell ZENworks Asset Management that is affected by an arbitrary information disclosure vulnerability. The 'GetFile_Password' maintenance call in '/rtrlet/rtr' is protected by a set of known, hard-coded credentials. This maintenance call can be utilized by an...

7.8 CVSS | 6.1 AI score | 0.44012 EPSS
Exploits 5 | References 1
Prion
added 2012/10/20 6:55 p.m. | 19 views

Hardcoded credentials

The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote attackers to obtain sensitive information via a...

7.8 CVSS | 6.8 AI score | 0.44012 EPSS
Exploits 5 | References 4 | Affected Software 1
Prion
added 2012/08/26 7:55 p.m. | 16 views

Hardcoded credentials

The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485...

1.2 CVSS | 6.6 AI score | 0.03776 EPSS
Exploits 6 | References 3 | Affected Software 1
Prion
added 2012/08/24 8:55 p.m. | 18 views

Hardcoded credentials

The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.120741313, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a client machine, and...

9.3 CVSS | 7.3 AI score | 0.03721 EPSS
Exploits 0 | References 2 | Affected Software 1
OpenVAS
added 2012/08/22 12:0 a.m. | 1111 views

Apache Tomcat Manager/Host Manager/Server Status Default/Hardcoded Credentials (HTTP)

The Apache Tomcat Manager/Host Manager/Server Status is using default or known hardcoded credentials...

10 CVSS | 6 AI score | 0.78995 EPSS
Exploits 26 | References 12
Prion
added 2012/08/21 6:55 p.m. | 14 views

Hardcoded credentials

The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session...

10 CVSS | 7.5 AI score | 0.03602 EPSS
Exploits 0 | References 5 | Affected Software 1
Prion
added 2012/08/20 10:55 p.m. | 15 views

Hardcoded credentials

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838...

4 CVSS | 7.3 AI score | 0.03203 EPSS
Exploits 1 | References 3 | Affected Software 1
Prion
added 2012/08/07 8:55 p.m. | 26 views

Hardcoded credentials

The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file...

4.4 CVSS | 6.5 AI score | 0.00344 EPSS
Exploits 0 | References 8 | Affected Software 1