Lucene search
K

92 matches found

OSV
OSV
added 2020/05/15 6:15 p.m.2 views

CVE-2019-18666

An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested...

9.8CVSS7.4AI score0.0319EPSS
Exploits1References3
Prion
Prion
added 2020/05/15 6:15 p.m.14 views

Authorization

An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested...

10CVSS9.7AI score0.0319EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2020/05/15 12:0 a.m.4 views

PT-2020-9980 · D Link · D-Link Dap-1360

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1360 revision F versions 609EU through 613EUbeta D-Link DAP-1360 revision F versions through 6.12b01 Description: An issue was discovered on D-Link DAP-1360 revision F devices, allowing remote attackers to start a telnet service...

10CVSS9.7AI score0.0319EPSS
Exploits1References6
pentestit
pentestit
added 2020/01/28 11:17 p.m.43 views

UPDATE: Kali Linux 2020.1 Release

Kali Linux 2020.1 is now available. The last release was Kali Linux 2019.4. The first release of this year and this new decade was released a few hours ago. This release introduces / non-root credentials by default, along with a Kali single installer image and the introduction of a Kali NetHunter...

2.2AI score
Exploits0
OSV
OSV
added 2019/12/12 12:15 a.m.5 views

CVE-2019-10695

When using the cd4pe::rootconfiguration task to configure a Continuous Delivery for PE installation, the root user’s username and password were exposed in the job’s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module...

6.5CVSS6.6AI score0.00877EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/12/11 12:0 a.m.5 views

PT-2019-11998 · Puppet · Cd4Pe

Name of the Vulnerable Software and Affected Versions: puppetlabs/cd4pe module versions prior to 1.2.1 Description: The root user’s username and password were exposed in the job’s Job Details pane in the PE console when using the cd4pe::root configuration task to configure a Continuous Delivery f...

6.5CVSS6.6AI score0.00877EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/10/29 12:0 a.m.3 views

The vulnerability of Wago industrial-controlled switches is related to the presence of pre-installed authentication data, which allows a intruder to gain access to the device.

The vulnerability of Wago industrial-controlled switches lies in the presence of pre-installed authentication data root account credentials. Exploiting this vulnerability allows a malicious actor to gain access to the device via SSH and TELNET protocols from a remote location...

10CVSS5.6AI score0.0266EPSS
Exploits1References4Affected Software3
Positive Technologies
Positive Technologies
added 2019/10/01 12:0 a.m.5 views

PT-2019-3538 · Zingbox · Zingbox Inspector

Name of the Vulnerable Software and Affected Versions: ZingBox Inspector versions 1.294 and earlier Description: The issue is related to the use of hardcoded credentials in the ZingBox Inspector, which can allow a remote attacker to gain unauthorized access to the system. The presence of these...

8.4CVSS8.3AI score0.00356EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/11/11 12:0 a.m.49 views

openSUSE Security Update : systemd (openSUSE-2018-1382)

This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in...

8.8CVSS7.3AI score0.02279EPSS
Exploits4References21
OSV
OSV
added 2018/10/05 2:29 p.m.4 views

CVE-2018-15427

A vulnerability in Cisco Video Surveillance Manager VSM Software running on certain Cisco Connected Safety and Security Unified Computing System UCS platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user...

9.8CVSS6.1AI score0.06827EPSS
Exploits0References3
CNVD
CNVD
added 2018/09/25 12:0 a.m.2 views

Cisco Video Surveillance Manager Device Default Password Vulnerability

Cisco Video Surveillance Operations Manager is an enterprise-class video configuration and management solution. A device default password vulnerability exists in Cisco Video Surveillance Manager due to the presence of undocumented default static user credentials for the root account of the affect...

10CVSS9.6AI score0.06827EPSS
Exploits0References1
CNVD
CNVD
added 2018/07/19 12:0 a.m.4 views

Cisco Policy Suite Cluster Manager Default Password Vulnerability

Cisco Policy Suite is a carrier-grade policy, charging, and subscriber data management solution. A default password vulnerability exists in Cisco Policy Suite Cluster Manager, which allows an unauthenticated, remote attacker to log in to a system with default static user credentials using a root...

10CVSS9.6AI score0.0379EPSS
Exploits0References1
OSV
OSV
added 2018/07/18 11:29 p.m.5 views

CVE-2018-0375

A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to log in to an affected system using the root account, which has default, static user credentials. The vulnerability is due to the presence of undocumented, static user...

9.8CVSS6AI score0.0379EPSS
Exploits0References2
CNVD
CNVD
added 2018/04/04 12:0 a.m.2 views

Moxa AWK-3131A Wireless Access Point Hardcoded Administrator Certificate Vulnerability

The Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa. A security vulnerability exists in the Moxa AWK-3131A Wireless Access Point using firmware version 1.1, which originates from the use of hard-coded credentials by a root account. An attacker could use the vulnerability to ta...

10CVSS6.9AI score0.0233EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2018/03/06 12:0 a.m.6 views

The vulnerability of TRENDnet TEW-823DRU router microprogramming software, related to the use of pre-installed configuration data, allows a hacker to gain access to the device.

The vulnerability of TRENDnet TEW-823DRU router microprogramming software is related to the use of pre-installed account data for the root account. Exploiting this vulnerability allows a malicious actor to gain access to the device via an FTP session...

10CVSS5.5AI score0.01983EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/10/20 12:0 a.m.3 views

Google Golang Go Certificate Validation Vulnerability

Google Golang Go is a programming language optimized for programming applications on multiprocessor systems by Google. A security vulnerability exists in Google Golang Go versions 1.7.3 and 1.6.3. A remote attacker can exploit this vulnerability to authenticate a connection with the help of...

7.5CVSS6.1AI score0.01287EPSS
Exploits0References1
OSV
OSV
added 2017/07/04 2:29 a.m.6 views

CVE-2017-7317

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...

9.8CVSS5.8AI score0.02241EPSS
Exploits2References1
Prion
Prion
added 2017/07/04 2:29 a.m.20 views

Design/Logic Flaw

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...

10CVSS9.3AI score0.02241EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2017/07/04 2:29 a.m.19 views

CVE-2017-7317

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...

10CVSS9.5AI score0.02241EPSS
Exploits2References1
Cvelist
Cvelist
added 2017/07/04 2:0 a.m.26 views

CVE-2017-7317

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...

9.5AI score0.02241EPSS
Exploits2References1
Rows per page
Query Builder