92 matches found
CVE-2019-18666
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested...
Authorization
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested...
PT-2020-9980 · D Link · D-Link Dap-1360
Name of the Vulnerable Software and Affected Versions: D-Link DAP-1360 revision F versions 609EU through 613EUbeta D-Link DAP-1360 revision F versions through 6.12b01 Description: An issue was discovered on D-Link DAP-1360 revision F devices, allowing remote attackers to start a telnet service...
UPDATE: Kali Linux 2020.1 Release
Kali Linux 2020.1 is now available. The last release was Kali Linux 2019.4. The first release of this year and this new decade was released a few hours ago. This release introduces / non-root credentials by default, along with a Kali single installer image and the introduction of a Kali NetHunter...
CVE-2019-10695
When using the cd4pe::rootconfiguration task to configure a Continuous Delivery for PE installation, the root user’s username and password were exposed in the job’s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module...
PT-2019-11998 · Puppet · Cd4Pe
Name of the Vulnerable Software and Affected Versions: puppetlabs/cd4pe module versions prior to 1.2.1 Description: The root user’s username and password were exposed in the job’s Job Details pane in the PE console when using the cd4pe::root configuration task to configure a Continuous Delivery f...
The vulnerability of Wago industrial-controlled switches is related to the presence of pre-installed authentication data, which allows a intruder to gain access to the device.
The vulnerability of Wago industrial-controlled switches lies in the presence of pre-installed authentication data root account credentials. Exploiting this vulnerability allows a malicious actor to gain access to the device via SSH and TELNET protocols from a remote location...
PT-2019-3538 · Zingbox · Zingbox Inspector
Name of the Vulnerable Software and Affected Versions: ZingBox Inspector versions 1.294 and earlier Description: The issue is related to the use of hardcoded credentials in the ZingBox Inspector, which can allow a remote attacker to gain unauthorized access to the system. The presence of these...
openSUSE Security Update : systemd (openSUSE-2018-1382)
This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in...
CVE-2018-15427
A vulnerability in Cisco Video Surveillance Manager VSM Software running on certain Cisco Connected Safety and Security Unified Computing System UCS platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user...
Cisco Video Surveillance Manager Device Default Password Vulnerability
Cisco Video Surveillance Operations Manager is an enterprise-class video configuration and management solution. A device default password vulnerability exists in Cisco Video Surveillance Manager due to the presence of undocumented default static user credentials for the root account of the affect...
Cisco Policy Suite Cluster Manager Default Password Vulnerability
Cisco Policy Suite is a carrier-grade policy, charging, and subscriber data management solution. A default password vulnerability exists in Cisco Policy Suite Cluster Manager, which allows an unauthenticated, remote attacker to log in to a system with default static user credentials using a root...
CVE-2018-0375
A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to log in to an affected system using the root account, which has default, static user credentials. The vulnerability is due to the presence of undocumented, static user...
Moxa AWK-3131A Wireless Access Point Hardcoded Administrator Certificate Vulnerability
The Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa. A security vulnerability exists in the Moxa AWK-3131A Wireless Access Point using firmware version 1.1, which originates from the use of hard-coded credentials by a root account. An attacker could use the vulnerability to ta...
The vulnerability of TRENDnet TEW-823DRU router microprogramming software, related to the use of pre-installed configuration data, allows a hacker to gain access to the device.
The vulnerability of TRENDnet TEW-823DRU router microprogramming software is related to the use of pre-installed account data for the root account. Exploiting this vulnerability allows a malicious actor to gain access to the device via an FTP session...
Google Golang Go Certificate Validation Vulnerability
Google Golang Go is a programming language optimized for programming applications on multiprocessor systems by Google. A security vulnerability exists in Google Golang Go versions 1.7.3 and 1.6.3. A remote attacker can exploit this vulnerability to authenticate a connection with the help of...
CVE-2017-7317
An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...
Design/Logic Flaw
An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...
CVE-2017-7317
An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...
CVE-2017-7317
An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...