CVE-2025-45813

ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials...

CVE-2025-45813

ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials...

CVE-2025-45813

ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials...

CVE-2025-45813

ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials...

PT-2025-27662 · Enensys · Enensys Ipguard

Name of the Vulnerable Software and Affected Versions: ENENSYS IPGuard v2 version 2.10.0 Description: The issue concerns hardcoded credentials in the software. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world inciden...

CVE-2025-45813

CVE-2025-45813 concerns ENENSYS IPGuard v2.10.0 with hardcoded credentials. Affected component is the IPGuard device/software; root cause is hardcoded credential storage leading to potential unauthenticated access. Impact is high confidentiality, integrity, and availability risk per the CVSS vect...

PT-2025-27659

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager Unified CM versions 15.0.1.13010-1 through 15.0.1.13017-1 Cisco Unified Communications Manager Session Management Edition Unified CM SME versions 15.0.1.13010-1 through 15.0.1.13017-1 Description A...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-54085link is external AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability CVE-2024-0769link is external D-Link DIR-859 Router Path Traversal...

CVE-2025-4378 Hardcoded Credentials in Ataturk University's ATA-AOF Mobile Application

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile Application allows Authentication Abuse, Authentication Bypass. This issue affects ATA-AOF Mobile Application: before 20.06.2025...

CVE-2025-4378

CVE-2025-4378 affects the Ataturk University ATA-AOF Mobile Application. The root issue is cleartext transmission of sensitive information combined with hard-coded credentials, enabling authentication abuse and bypass. Affected versions are prior to 20.06.2025. CVSS‑3.1 metrics indicate a critica...

CVE-2025-4378 Hardcoded Credentials in Ataturk University's ATA-AOF Mobile Application

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile Application allows Authentication Abuse, Authentication Bypass.This issue affects ATA-AOF Mobile Application: before 20.06.2025...

UBUNTU-CVE-2025-34034

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege...

CVE-2025-34034 5VTechnologies Blue Angel Software Suite Hardcoded Credentials

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege...

CVE-2025-34034 5VTechnologies Blue Angel Software Suite Hardcoded Credentials

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege...

Sitecore XM/XP/XC Hardcoded Credentials

Sitecore XM, XP and XC version 9.x = 9.3 or version 10.x 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP. No source data...

PT-2025-26661

Name of the Vulnerable Software and Affected Versions: Blue Angel Software Suite affected versions not specified Description: A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and...

CVE-2025-45784

D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVISUSERPASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially...

VulnCheck KEV: CVE-2025-34034

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege...

CVE-2025-45784

D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVISUSERPASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially...

CVE-2025-45784

CVE-2025-45784 affects the D-Link DPH-400S/SE VoIP Phone (v1.01). The issue is due to hardcoded provisioning variables in the firmware binary (notably PROVIS_USER_PASSWORD), resulting from insecure storage of sensitive information. An attacker who can access the firmware image could extract crede...