3038 matches found
📄 Netbus Backdoor 1.7 Remote Code Execution
Netbus Backdoor version 1.7 Metasploit module that leverages an insecure credential storage vulnerability that then performs command injection. ============================================================================================================================================= | Title :...
CVE-2018-25147
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
CVE-2018-25147
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
CVE-2019-25241 FaceSentry Access Control System 6.4.8 Remote SSH Root Access
FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication...
CVE-2019-25241
FaceSentry Access Control System 6.4.8 contains a critical authentication flaw: hard-coded SSH credentials for the wwwuser and an insecure sudoers configuration allow privilege escalation to root via sudo without authentication. This is documented across multiple sources (EUVD-2025-205313, NVD, C...
CVE-2018-25147 Microhard Systems IPn4G 1.1.0 Default Credentials Authentication Bypass
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
CVE-2018-25147 Microhard Systems IPn4G 1.1.0 Default Credentials Authentication Bypass
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
PT-2025-53367
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
EUVD-2025-204759
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...
CVE-2025-67418
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative...
CVE-2025-65857
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...
CVE-2025-65857
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...
CVE-2025-67418
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative...
CVE-2025-67418
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative...
CVE-2025-67418
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative...
CVE-2025-65857
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...
PT-2025-52680
Name of the Vulnerable Software and Affected Versions ClipBucket version 5.5.2 Description The software is affected by an improper access control issue stemming from hardcoded default administrative credentials. An unauthenticated remote attacker can leverage these credentials to log in to the...
CVE-2025-65857
The CVE-2025-65857 affects Xiongmai XM530 IP cameras (firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06). The GetStreamUri ONVIF endpoint exposes RTSP URIs containing hardcoded credentials, enabling direct unauthorized video streaming access. Impact is unauthorized access to live streams; CV...
CVE-2025-65857
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...
CVE-2025-1029
CVE-2025-1029 concerns Utarit Information Services Inc. SoliClub, where hard-coded credentials permit reading sensitive constants from the executable. Multiple sources (NVD, Red Hat, CVE/CVEList, CNNVD, EUVD, etc.) consistently describe impact for SoliClub versions 5.2.4 through 5.3.7. The vulner...