Lucene search
K

122 matches found

CNNVD
CNNVD
added 2022/09/08 12:0 a.m.4 views

Hauk 信任管理问题漏洞

Hauk is a fully open source, self-hosted location sharing service from the individual developer Marius Lindvall. A security vulnerability exists in Hauk v1.6.1, which stems from hardcoded passwords stored in plaintext in the config.php file on the server side and on the android client device...

7.5CVSS7.3AI score0.004EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/29 12:0 a.m.5 views

Seiko Solutions SkyBridge MB-A200 信任管理问题漏洞

The Seiko Solutions SkyBridge MB-A200 is a multi-carrier LTE-compatible IoT router from Seiko Solutions, Japan. A security vulnerability exists in Seiko Solutions SkyBridge MB-A200 version v01.00.04 and earlier versions, which originates from multiple hardcoded passwords containing root...

9.8CVSS6.9AI score0.00694EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.7 views

The vulnerability of the software platform for collaborative code development on GitLab arises from the installation of hardcoded passwords for user accounts registered using the OmniAuth provider. This allows attackers to gain access to users’ accounts.

The vulnerability of the software platform for collaborative code development on GitLab is related to the installation of hardcoded passwords for accounts registered using the OmniAuth provider OAuth, LDAP, and SAML. Exploiting this vulnerability could allow a malicious actor, operating remotely,...

9.4CVSS8.1AI score0.76177EPSS
Exploits3References7Affected Software1
NVD
NVD
added 2021/08/02 1:15 p.m.30 views

CVE-2021-37163

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus operated by released versions of software before Nexus Software 7.2.5.7. The device has two user accounts with passwords that are hardcoded...

9.8CVSS0.03396EPSS
Exploits0References4
OSV
OSV
added 2021/08/02 1:15 p.m.3 views

CVE-2021-37163

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus operated by released versions of software before Nexus Software 7.2.5.7. The device has two user accounts with passwords that are hardcoded...

9.8CVSS7.5AI score0.03396EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/08/02 12:46 p.m.28 views

CVE-2021-37163

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus operated by released versions of software before Nexus Software 7.2.5.7. The device has two user accounts with passwords that are hardcoded...

9.6AI score0.03396EPSS
Exploits0References4
CVE
CVE
added 2021/08/02 12:46 p.m.83 views

CVE-2021-37163

CVE-2021-37163 affects Swisslog Healthcare Nexus HMI3 Control Panel (Nexus software before 7.2.5.7). The device has two hardcoded passwords and an insecure permissions issue, enabling potential unauthorized access over the network. Impact details are described as high/severe in the CVSS metrics. ...

9.8CVSS9.4AI score0.03396EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2021/06/16 7:15 p.m.20 views

CVE-2020-25752

An issue was discovered on Enphase Envoy R3.x and D4.x devices. There are hardcoded web-panel login passwords for the installer and Enphase accounts. The passwords for these accounts are hardcoded values derived from the MD5 hash of the username and serial number mixed with some static strings. T...

5.3CVSS0.01603EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/06/16 6:23 p.m.22 views

CVE-2020-25752

An issue was discovered on Enphase Envoy R3.x and D4.x devices. There are hardcoded web-panel login passwords for the installer and Enphase accounts. The passwords for these accounts are hardcoded values derived from the MD5 hash of the username and serial number mixed with some static strings. T...

5.4AI score0.01603EPSS
Exploits1References3
NVD
NVD
added 2021/05/28 1:15 p.m.35 views

CVE-2020-1716

A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. Any authenticated attacker can abuse this flaw to brute-force Ceph deployments, and gain administrator access to Ceph clusters via the Ceph...

9CVSS0.01269EPSS
Exploits1References1
OSV
OSV
added 2021/05/28 1:15 p.m.20 views

CVE-2020-1716

A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. Any authenticated attacker can abuse this flaw to brute-force Ceph deployments, and gain administrator access to Ceph clusters via the Ceph...

8.8CVSS7AI score
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.4 views

CVE-2020-12039

Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...

2.4CVSS5.8AI score0.00333EPSS
Exploits0References1
NVD
NVD
added 2020/06/29 2:15 p.m.32 views

CVE-2020-12039

Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...

2.4CVSS0.00333EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/29 1:45 p.m.22 views

CVE-2020-12039

Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...

3.8AI score0.00333EPSS
Exploits0References1
CVE
CVE
added 2020/06/29 1:45 p.m.59 views

CVE-2020-12039

CVE-2020-12039 affects Baxter Sigma Spectrum Infusion System v6.x (35700BAX) and v8.x (35700BAX2); hard-coded passwords entered via keypad grant access to biomedical menus, including device settings, calibration values, and WBM network configuration. This is a local/physical-access issue with pub...

2.4CVSS4.1AI score0.00333EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2020/05/19 8:1 p.m.8 views

ceph-ansible: hard coded credential in ceph-ansible playbook

A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. Any authenticated attacker can abuse this flaw to brute-force Ceph deployments, and gain administrator access to Ceph clusters via the Ceph...

9CVSS7.3AI score0.01269EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.21 views

Schneider-electric Quantum Unspecified Vulnerability

The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2 modules, uses hardcoded passwords for the 1 AUTCSE, 2 AUTCSE, 3 fdrusers, 4...

10CVSS3.4AI score0.0404EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.20 views

Schneider Electric Quantum Ethernet Module Multiple Versions Hardcoded Passwords

Binary data 720009.prm...

10CVSS7.3AI score0.0404EPSS
Exploits1References2
Prion
Prion
added 2019/05/02 5:29 p.m.21 views

Command injection

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40ULM.0b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the username true and password true. These accounts can be used to login to the web interface, exploit...

9CVSS8.7AI score0.05503EPSS
Exploits1References5Affected Software3
ICS
ICS
added 2018/08/23 12:0 p.m.51 views

Hospira LifeCare PCA Infusion System Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-125-01 Hospira LifeCare PCA Infusion System Vulnerabilities that was published May 5, 2015, on the NCCIC/ICS-CERT web site. Independent researcher Billy Rios has identified an improper authorization vulnerabilit...

10CVSS8.1AI score0.05162EPSS
Exploits0References17
Rows per page
Query Builder