92 matches found
METZ CONNECT多款产品 安全漏洞
METZ CONNECT Energy-Controlling EWIO2-M and others are products of METZ CONNECT, Germany.METZ CONNECT Energy-Controlling EWIO2-M is a high performance data logger.METZ CONNECT Energy- Controlling EWIO2-M-BM is a high performance data logger.METZ CONNECT Ethernet-IO EWIO2-BM is a sensor and actuat...
EUVD-2017-16344
Malware in sbrugna...
EUVD-2020-4262
Malware in sbrugna...
EUVD-2025-30192
Malicious code in bioql PyPI...
CVE-2025-30519
Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. An attacker with network access to the device can gain administrative access to the system...
Dover Fueling Solutions ProGauge MagLink LX4 安全漏洞
The Dover Fueling Solutions ProGauge MagLink LX4 is an automated tank gauging system console from Dover Fueling Solutions, USA. A security vulnerability exists in several Dover products that stems from the use of default root credentials that cannot be changed through standard administrative...
Privilege Escalation
github.com/kubernetes-sigs/image-builder is vulnerable to privilege escalation. The vulnerability is due to default root credentials being enabled during the Windows image build process with Nutanix or VMware OVA providers, which allows an attacker with access to the build VM to modify the image...
CVE-2025-7342
A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the Windows image build process when using the Nutanix or VMware OVA providers. These credentials, which allow root access, are disabled at the conclusion of the build. Kubernetes clusters...
CVE-2025-55584
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain insecure credentials for the telnet service and root account...
Vulnerability fixed in Cisco Unified Communications Manager
Cisco has fixed a vulnerability in Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition. The vulnerability is in the hard-coded root SSH credentials that cannot be changed or deleted. This allows unauthenticated remote attackers to log in and...
CVE-2025-20309
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that...
Para Server Logs Sensitive Information
CWE ID: CWE-532 Insertion of Sensitive Information into Log File CVSS: 7.5 High Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Component: Para Server Initialization Logging Version: Para v1.50.6 File Path:...
CVE-2024-57790
IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...
PT-2024-31945 · Pix Link · Pix-Link Lv-Wr22
Name of the Vulnerable Software and Affected Versions: PIX-LINK LV-WR22 version RE3002-P1-01 V117.0 Description: The issue concerns Improper Access Control, where the TELNET service is enabled with weak credentials for a root-level account, and these credentials cannot be changed. Recommendations...
The vulnerability of the image.bin file in the microprogramming software of the Ethernet serial interface converter Industrial Transformer Westermo EDW-100 allows a hacker to disclose user name and password information for the root account.
The vulnerability of the image.bin file in the microprogramming software of the Ethernet serial interface converter Westermo EDW-100 is related to the use of rigidly encrypted login credentials. Exploiting this vulnerability can allow a malicious actor to obtain information such as the username a...
PT-2024-2712 · Adtran · Adtran Netvanta 3120
Name of the Vulnerable Software and Affected Versions: AdTran NetVanta 3120 version 18.01.01.00.E Description: The issue is related to the TELNET service of AdTran NetVanta 3120 devices, which is enabled by default and has default credentials for a root-level account. This is associated with...
CVE-2024-22902
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials...
Vinchin Backup and Recovery Security Vulnerabilities
Vinchin Backup and Recovery is an easy-to-use, safe and reliable virtual machine data protection software from China Yunqi Technology Vinchin. It is used for backup and recovery. A security vulnerability exists in Vinchin Backup and Recovery version v7.2, which originates from configuring the...
CVE-2024-22902
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials...
PT-2024-1516 · Vinchin · Vinchin Backup & Recovery
Name of the Vulnerable Software and Affected Versions: Vinchin Backup & Recovery version 7.2 Description: The issue is related to the use of default root credentials in Vinchin Backup & Recovery. This could allow a remote attacker to gain elevated privileges to the level of a root user by...