📄 Hustle Plugin 7.8.3 Hardcoded Credentials

Hustle plugin versions 7.8.3 and below contain hardcoded HubSpot API credentials in inc/providers/hubspot/hustle-hubspot-api.php. CVE-2024-0368 Hustle Plugin = 7.8.3 contains hardcoded HubSpot API credentials in inc/providers/hubspot/hustle-hubspot-api.php Vulnerability Summary | Field | Value |...

PT-2026-1952

Name of the Vulnerable Software and Affected Versions Ruckus vRIoT IoT Controller versions prior to 3.0.0.0 GA Description The Ruckus vRIoT IoT Controller firmware exposes a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcod...

Ruckus vRIoT IoT Controller 信任管理问题漏洞

Ruckus vRIoT IoT Controller is a virtual wireless IoT controller from Ruckus USA. A trust management issue vulnerability exists in Ruckus vRIoT IoT Controller versions prior to 3.0.0.0 that stems from hard-coded credentials and could lead to the execution of arbitrary code...

PT-2026-1920

Name of the Vulnerable Software and Affected Versions KAYSUS KS-WR1200 version 107 Description KAYSUS KS-WR1200 routers with firmware version 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials root:12345678. The administrator cannot disable these services or...

CVE-2025-68718

KAYSUS KS-WR1200 routers, firmware 107, expose SSH and TELNET on the LAN interface with hardcoded credentials (root:12345678). The administrator cannot disable these services or change the hardcoded password, and changing the management GUI password has no effect on SSH/TELNET authentication. Any...

CVE-2025-68718

KAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials root:12345678. The administrator cannot disable these services or change the hardcoded password. Changing the management GUI password does not affect SSH/TELNET...

CVE-2019-7227

In the ABB IDAL FTP server, an authenticated attacker can traverse to arbitrary directories on the hard disk with "CWD ../" and then use the FTP server functionality to download and upload files. An unauthenticated attacker can take advantage of the hardcoded or default credential pair exor/exor ...

CVE-2019-12550

WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET...

CVE-2024-2038

The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 3.22.6. This is due to the use of hardcoded credentials to authenticate all the incoming API requests. This makes it possible fo...

CVE-2020-36915

Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec...

CVE-2020-36915 Adtec Digital SignEdje Digital Signage Player v2.08.28 Default Credentials

Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec...

PT-2026-1449

Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec...

Adtec Digital SignEdje Digital Signage Player 安全漏洞

Adtec Digital SignEdje Digital Signage Player is a digital signage player from Adtec Digital, USA. A security vulnerability exists in Adtec Digital SignEdje Digital Signage Player version v2.08.28, which stems from the presence of multiple hardcoded default credentials that could result in gainin...

EUVD-2022-55940

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cannot be modified through normal device operations. Attackers can leverage these static credentials to gain unauthorized access to the device across Linux and Windows distributions...

CVE-2022-50696

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cannot be modified through normal device operations. Attackers can leverage these static credentials to gain unauthorized access to the device across Linux and Windows distributions...

CVE-2022-50696

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cannot be modified through normal device operations. Attackers can leverage these static credentials to gain unauthorized access to the device across Linux and Windows distributions...

CVE-2022-50696 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Hardcoded Credentials Authentication Bypass

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cannot be modified through normal device operations. Attackers can leverage these static credentials to gain unauthorized access to the device across Linux and Windows distributions...

CVE-2022-50696

CVE-2022-50696 affects SOUND4 IMPACT/FIRST/PULSE/ Eco v2.x and earlier. The root cause is hardcoded credentials embedded in the device server binaries, which cannot be modified through normal device operations. This creates a vulnerability where attackers could gain unauthorized access across Lin...

CVE-2022-50696 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Hardcoded Credentials Authentication Bypass

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cannot be modified through normal device operations. Attackers can leverage these static credentials to gain unauthorized access to the device across Linux and Windows distributions...

PT-2025-54234

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below Description The software includes hardcoded credentials within its server binaries, which cannot be altered through standard device procedures. This allows attackers to gain unauthorized...