CVE-2024-23958

Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not requir...

CVE-2024-23958

Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not requir...

CVE-2024-23958 Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability

Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not requir...

CVE-2024-46328

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root...

CVE-2024-46328

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root...

CVE-2024-46328

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root...

CVE-2024-46328

CVE-2024-46328 affects VONETS VAP11G-300 (firmware v3.3.23.6.9). The Red Hat and NVD entries confirm a hardcoded-credentials vulnerability in privileged accounts (including root), enabling potential unauthorized access. The sources do not provide explicit exploit details, affected software versio...

PT-2024-31958 · Vonets · Vonets Vap11G-300

Name of the Vulnerable Software and Affected Versions: VONETS VAP11G-300 version 3.3.23.6.9 Description: The issue concerns hardcoded credentials for several different privileged accounts, including root, in the VONETS VAP11G-300 device. This could potentially allow unauthorized access to the...

PT-2024-10438

Name of the Vulnerable Software and Affected Versions Yeti platform affected versions not specified Description The issue is related to the use of hardcoded credentials. An attacker can exploit this to gain elevated privileges by utilizing a static JWT token. Recommendations At the moment, there ...

CVE-2024-6656 Hardcoded Credentals in TNB Mobile Solutions' Cockpit Software

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable. This issue affects Cockpit Software: before v2.13...

CVE-2024-6656 Hardcoded Credentals in TNB Mobile Solutions' Cockpit Software

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable. This issue affects Cockpit Software: before v2.13...

CVE-2024-28990 SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability

SolarWinds Access Rights Manager ARM was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative ZDI for its ongoing partnership in coordinating...

CVE-2024-28990 SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability

SolarWinds Access Rights Manager ARM was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative ZDI for its ongoing partnership in coordinating...

Exploit for Use of Hard-coded Credentials in Solarwinds Web_Help_Desk

Description : The SolarWinds Web Help Desk WHD software is...

Backdoor.Win32.Optix.02.b MVID-2024-0690 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/706ddc06ebbdde43e4e97de4d5af3b19.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Optix.02.b Vulnerability: Weak Hardcoded Credentials Description: Optix listens o...

AVTECH 744 DVR Account Information Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AVTECH 744 DVR Account Information Retrieval', 'Description' = %q This module will extract the account information from the AVTECH 744 DVR device...

PT-2024-26325 · Ibm · Ibm Maas360

Name of the Vulnerable Software and Affected Versions: IBM MaaS360 for Android versions 6.31 through 8.60 Description: The issue concerns hardcoded credentials in IBM MaaS360 for Android that can be obtained by a user with physical access to the device. This allows unauthorized access to the...

SolarWinds Web Help Desk < 12.8.3 HF 2 HardCoded Credentials

The version of SolarWinds Web Help Desk installed on the remote host is prior to 12.8.3 HF2. It is, therefore, affected by a hardcoded credential vulnerability, that, if exploited, would allow an attacker to run commands on the host machine. Note that Nessus has not tested for these issues but ha...

Vulnerabilities fixed in Solarwinds Web Helpdesk

Solarwinds fixed vulnerabilities in Web Helpdesk A malicious party can exploit the vulnerabilities to execute code on the system using Java deserialization. A malicious party can also use hardcoded credentials to gain access to data and functionality. Solarwinds developers have released a hotfix ...

CVE-2024-28987

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...