22 matches found
CVE-2024-43384
The CVE-2024-43384 entry concerns Phoenix Contact MGUARD products. Affected component: the devices’ handling/storage/transfer of sensitive data. Root cause: improper removal of sensitive information before storage or transfer, enabling exposure of the root password. Impact: a low-privileged remot...
PHOENIX CONTACT多款产品 安全漏洞
PHOENIX CONTACT FL MGUARD 2102, among others, are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL MGUARD 2102 is a router. PHOENIX CONTACT FL MGUARD 2105 is also a router. PHOENIX CONTACT FL MGUARD represents a series of routers. Several products from PHOENIX CONTACT have...
Barco ClickShare Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-3152)
Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...
EUVD-2018-4238
Malware in sbrugna...
EUVD-2019-4819
Malware in sbrugna...
EUVD-2016-6356
Malware in sbrugna...
EUVD-2016-5961
Malware in sbrugna...
EUVD-2017-16527
Malware in sbrugna...
EUVD-2015-3305
Malware in sbrugna...
EUVD-2019-0842
Malware in sbrugna...
CVE-2025-52549
CVE-2025-52549 affects Copeland/E3 Site Supervisor Control. Vulnerable firmware versions prior to 2.31F01 generate a root Linux password on each boot, enabling an attacker to derive the root password from known or easily obtainable parameters. Impacts include full device compromise with root acce...
CVE-2023-22957
An issue was discovered in libacdes3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root passwor...
CVE-2021-37157
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config.pm has the root password in cleartext...
The vulnerability of the GLPI system’s handling of requests and incidents, related to insufficient protection of user credentials, allows a malicious individual to obtain unauthorized access to the root account’s password.
The vulnerability in the GLPI system’s request and incident handling process is related to an error in passing configuration data via JavaScript. In this error, some records are filtered out, but the ldappass variable is not filtered. Exploiting this vulnerability could allow a remote attacker to...
PT-2024-13698 · Precor · Precor Touchscreen Console
Name of the Vulnerable Software and Affected Versions: Precor touchscreen console versions P62, P80, and P82 Description: The issue allows a remote attacker to obtain sensitive information because the root password is stored in /etc/passwd. An attacker could exploit this to extract files and obta...
SUSE CVE-2019-13314
virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virtbootstrap.py...
TOTOLINK CA300-PoE 信任管理问题漏洞
The TOTOLINK CA300-PoE is a wireless access point from China Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK CA300-PoE version V6.2c.884, which originates from /etc/shadow storing the password of the root account...
PHICOMM K2G A1 安全漏洞
The PHICOMM K2G A1 is a dual-band Gigabit wireless WiFi router from PHICOMM China. A security vulnerability exists in the PHICOMM K2G A1 version v22.6.534.263, which originates from an attacker being able to discover the passwords of the root and admin users stored in the plaintext...
TOTOLINK A3600R 信任管理问题漏洞
TOTOLINK A3600R is a 6 antenna 1200M wireless router from TOTOLINK China.A security vulnerability exists in TOTOLINK A3600R Firmware V4.1.2cu.5182B20201102 version, which originates from the inclusion of the root password in /etc/shadow.sample. contains the root password. An attacker could exploi...
CVE-2016-3152
Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image...