Hardcoded credentials

Control cards for Cisco Optical Networking System ONS 15000 series nodes before 20060405 allow remote attackers to cause a denial of service card reset via 1 a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; 2 a "crafted" IP packet to a devic...

Hardcoded credentials

CRE Loaded 6.15 allows remote attackers to perform privileged actions, including uploading and creating arbitrary files, via a direct request to files.php. NOTE: the vendor states "The initial announcement of this risk was made on our website... and it included a patch which will close the...

Hardcoded credentials

Advantage Century Telecommunication ACT P202S IP Phone 1.01.21 running firmware 1.1.21 on VxWorks uses a hardcoded Network Time Protocol NTP server in Taiwan, which could allow remote attackers to provide false time information, block access to time information, or conduct other attacks...

CVE-2004-2556

CVE-2004-2556 affects NetGear WG602 (WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67, which contain a hardcoded administrator account (username: super, password: 5777364). This flaw allows remote attackers to modify the device configuration. The issue is rooted in a hardcoded credential...

CVE-2004-2557

NetGear WG602 aka WG602v1 Wireless Access Point 1.7.14 has a hardcoded account of username "superman" and password "21241036", which allows remote attackers to modify the configuration...

CVE-2004-2557

CVE-2004-2557 affects NetGear WG602 (WG602v1) Wireless Access Point 1.7.14, which contains a hardcoded admin account: username "superman" and password "21241036". This permits remote configuration changes by an attacker. Connected documents confirm the concrete details; exploitation status and fi...

CVE-2004-2556

NetGear WG602 aka WG602v1 Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration...

CVE-2004-1920

X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 has a hardcoded "super" username and password, which could allow remote attackers to gain access...

CVE-2004-1921

The CVE-2004-1921 entry affects X-Micro WLAN 11b Broadband Router 1.6.0.1, which uses a hardcoded username/password combo ("1502"). This permits remote access without authentication, with a CVSS v2 base score of 7.5 (Network, Low complexity, No user interaction). The provided documents confirm th...

CVE-2004-1921

X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" username and password, which could allow remote attackers to gain access...

CVE-2004-1920

X-Micro WLAN 11b Broadband Router (versions 1.2.2, 1.2.2.3, 1.2.2.4, 1.6.0.0) contains a hardcoded 'super' username and password, which could allow remote attackers to gain access. The connected documents confirm the affected product and credential issue but do not provide details on exploitation...

CVE-2004-1322

Cisco Unity 2.x–4.x (when integrated with Microsoft Exchange) is affected by hard coded usernames and passwords that enable remote unauthorized access and the ability to change configuration or read emails. The vulnerability is described across CVE-2004-1322 references from NVD and CVE records, i...

CVE-2004-2556

NetGear WG602 aka WG602v1 Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration...

CVE-2004-0391

Cisco Wireless LAN Solution Engine WLSE 2.0 through 2.5 and Hosting Solution Engine HSE 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration...

[Full-Disclosure] NEW backdoor in X-Micro WLAN 11b Broadband Router

Backdoor in the X-Micro WLAN 11b Broadband Router ALL VERSIONS ARE AFFECTED 1.6.0.1 too Previous bugreport's bugtraq id: 10095 FCC ID: RAFXWL-11BRRG Firmware Version: 1.2.2, 1.2.2.3, 1.2.2.4, 1.6.0.0, 1.6.0.1 Remote: yes, easily expoitable Type: administration password, which always works The...

CVE-2004-0391

CVE-2004-0391 affects Cisco WLSE (Wireless LAN Solution Engine) versions 2.0–2.5 and HSE (Hosting Solution Engine) 1.7–1.7.3, which contain a hardcoded username and password. The root cause is hardcoded credentials allowing remote attackers to add new users, modify existing users, and change conf...

CVE-2004-1920

X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 has a hardcoded "super" username and password, which could allow remote attackers to gain access...

CVE-2004-1921

X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" username and password, which could allow remote attackers to gain access...

Cisco WLSE and HSE devices contain hardcoded username and password

Overview A default account with a common username and password exists in two Cisco products. An attacker with knowledge of this account information can compromise any of these devices on the network. Description A default account with a known, fixed username and password combination exists in som...

CVE-2023-26566

Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface ARI, which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API...