Default credentials

A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...

CVE-2021-26113

CVE-2021-26113 affects Fortinet FortiWAN prior to 4.5.9. The issue is a vulnerability in the password hashing process: a one‑way hash is used with a predictable salt (CWE-760). If an attacker has obtained the password file, they may be able to guess stored passwords. No exploitation details are p...

CVE-2021-26113

A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...

FortiWAN - Use of hardcoded salt for password hashing

A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...

Exploit for Use of a One-Way Hash with a Predictable Salt in Redux Gutenberg_Template_Library_\&_Redux_Framework

CVE-2021-38314 Python Exploit Detail The Gutenberg Templat...

CVE-2021-32596

A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables...

CVE-2021-32596

A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables...

CVE-2021-32596

CVE-2021-32596 affects FortiPortal 6.0.0 through 6.04, where a vulnerable password store uses a one-way hash with a predictable salt, enabling an attacker with access to the password store to decrypt passwords via precomputed tables. The connected sources (Fortinet advisory FG-IR-21-094 and relat...

CVE-2021-32596

A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables...

FortiPortal - Use of a predictable salt and digest-based algorithm for password hashing

A use of one-way hash with a predictable salt CWE-760 vulnerability in the password storing mechanism of FortiPortal may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables...

CVE-2020-28214

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...

CVE-2020-28214

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...

CVE-2020-28214

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...

CVE-2020-28214

CVE-2020-28214 affects Schneider Electric Modicon M221 PLCs (all references, all versions). The vulnerability is described as CWE-760: Use of a One-Way Hash with a Predictable Salt, which could allow an attacker to pre-compute hash values using dictionary attacks (e.g., rainbow tables), effective...

Schneider Electric Modicon M221 Programmable Logic Controller

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable from an adjacent network Vendor: Schneider Electric Equipment: Modicon M221 Programmable Logic Controller Vulnerabilities: Inadequate Encryption Strength, Small Space of Random Values, Missing Encryption of Sensitive Data, Exposure of...

CVE-2019-12737

UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials...

CVE-2019-12737

UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials...

Command injection

UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials...

CVE-2019-12737

UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials...

CVE-2018-15681

An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully steals this cookie c...