63 matches found
CVE-2025-10205
CVE-2025-10205 affects ABB FLXEON controllers (through 9.3.5 and newer). The issue arises from using a one-way hash with a predictable salt and low-entropy MD5 salt storage, enabling credential-related weaknesses and contributing to a remote code execution risk due to improper input validation. P...
Information Disclosure Vulnerability in Various ABB Products (CNVD-2025-13332)
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
CVE-2024-13951
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2021-26113
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...
CVE-2024-13951
CVE-2024-13951 describes an information disclosure in ABB ASPECT-Enterprise (through 3.), NEXUS Series (through 3. ), and MATRIX Series (through 3.*) caused by a one-way hash function using a predictable salt. The root cause is predictable salts in hashing, enabling potential attackers to glean s...
CVE-2024-13951 One way hash with predictable salt
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13951 One way hash with predictable salt
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2019-12737
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials...
ABB Cylon FLXeon 9.3.5 (uukl.js) Predictable Salt and Weak Hashing Algorithm
Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...
CVE-2025-26486
Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...
Schneider Electric Modicon M221 Programmable Logic Controller Use of a One-Way Hash with a Predictable Salt (CVE-2020-28214)
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...
CVE-2023-22599
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...
CVE-2023-22599
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...
CVE-2023-22599
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...
InHand Networks InRouter302 安全漏洞
The InHand Networks InRouter302 is an LTE cellular router from InHand Networks, Inc. A security vulnerability exists in the InHand Networks InRouter302 version prior to V3.5.56, InRouter615 version prior to V2.3.0.r5542, which stems from a one-way hash algorithm that uses predictable Salt...
Exploit for Use of a One-Way Hash with a Predictable Salt in Redux Gutenberg_Template_Library_\&_Redux_Framework
CVE-2021-38314 Python Exploit Detail...
Exploit for Use of a One-Way Hash with a Predictable Salt in Redux Gutenberg_Template_Library_\&_Redux_Framework
Unauthenticated Sensitive Information Disclosure CVE-2021-38...
Exploit for Use of a One-Way Hash with a Predictable Salt in Redux Gutenberg_Template_Library_\&_Redux_Framework
cve-2021-38314 - Unauthenticated Sensitive Information Disclos...
CVE-2021-26113
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...
CVE-2021-26113
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...