22 matches found
CVE-2026-36538
Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authenticate as root and gain full control of the underlying...
EUVD-2025-208540
Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...
EUVD-2025-208538
Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...
CVE-2025-70798
Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...
CVE-2025-70802
Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...
Tenda G1 安全漏洞
Tenda G1 is an enterprise-level AP management router produced by the Chinese company Tenda. There is a security vulnerability in Tenda G1, which stems from hard-coded passwords in the /etc/ro/shadow file. This vulnerability could allow attackers to log in as root...
EUVD-2025-25104
Malicious code in bioql PyPI...
EUVD-2025-25467
Malicious code in bioql PyPI...
CVE-2025-9806
A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etcro/shadow of the component Administrative Interface. This manipulation with the input Fireitup causes hard-coded credentials. The attack can only be executed locally. A high...
Tenda AC9 Hardcoding Vulnerability
Tenda AC9 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in 2016. The Tenda AC9 suffers from a hard-coded vulnerability that originates from an unknown function in the file /etcro/shadow of the component management interface, which can be exploited by an attacker...
Tenda W12 安全漏洞
Tenda W12 is a dual-band Gigabit wireless panelized access point AP from Tenda Technology, designed for hotels, villas, large homes and other scenarios, supporting the IEEE802.11ac protocol and the Wave2 standard with 1167Mbps dual-band concurrent rate. The Tenda W12 suffers from a hard-coded...
Cudy LT500E 安全漏洞
The Cudy LT500E is a wireless router from the Chinese company Cudy. A security vulnerability exists in the Cudy LT500E version 2.3.12 and earlier, which stems from the firmware's use of hard-coded passwords in the /squashfs-root/etc/shadow file...
CVE-2025-9309
A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etcro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the...
CVE-2025-9309 Tenda AC10 MD5 Hash shadow hard-coded credentials
A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etcro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the...
CVE-2025-9091 Tenda AC20 shadow hard-coded credentials
A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an unknown functionality of the file /etcro/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high...
Tenda AC20 安全漏洞
Tenda AC20 is a home router from Tenda. The Tenda AC20 suffers from a hard-coded credentials vulnerability that originates from the presence of hard-coded credentials in the file /etcro/shadow. An attacker can exploit the vulnerability to cause confidentiality to be compromised...
FNKvision FNK-GU2 加密问题漏洞
FNKvision FNK-GU2 is a camera from FNKvision Thailand. An encryption issue vulnerability exists in FNKvision FNK-GU2 version 40.1.7 and earlier, which stems from the use of risky encryption algorithms in the /etc/shadow file...
CVE-2024-54747
WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...
CVE-2024-52788
Tenda W9 v1.0.0.74456 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...
PT-2024-38176 · Totolink · Totolink Lr1200Gb
Name of the Vulnerable Software and Affected Versions: TOTOLINK LR1200 version 9.3.1cu.2832 Description: A problem was found in the file /etc/shadow.sample, which leads to the use of a hard-coded password. The complexity of an attack is rather high, and the exploitability is told to be difficult...