122 matches found
de Consumentenbond Sannce Smart HD Baby Monitor Security Vulnerability
The de Consumentenbond Sannce Smart HD Baby Monitor is a webcam from de Consumentenbond in the Netherlands. It provides monitoring functionality. A security vulnerability exists in de Consumentenbond Sannce Smart HD Baby Monitor, which originates from the use of TELNET to control the pan zoom til...
Cisco IOS XR Denial of Service Vulnerability (CNVD-2021-09297)
Cisco IOS XR software is a modular and fully distributed network operating system for service provider networks. A denial of service vulnerability exists in the ingress packet processing function of Cisco IOS XR. The vulnerability stems from a logic error in the processing of Telnet protocol...
Hardcoded credentials
THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol...
CVE-2020-11618
The CVE-2020-11618 entry concerns THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB‑T2 2.2.1 set‑top boxes where the TELNET service is hardcoded to start on boot. This configuration enables a local network attacker to gain root access via TELNET. Documents consistently describe the issue as har...
CVE-2020-11618
THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol...
CVE-2020-24056
A hardcoded credentials vulnerability exists in Verint 5620PTZ VerintFW042, Verint 4320 V4320FW023, V4320FW031, and Verint S5120FD VerintFW042 units. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols...
Half a Million IoT Passwords Leaked
It is amazing that this sort of thing can still happen: ...the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hacker then tried using (1) factory-set default usernames and passwords, or (2) custom, but easy-to-guess password combinations. Telne...
CVE-2019-13554
GE Mark VIe Controller has an unsecured Telnet protocol that may allow a user to create an authenticated session using generic default credentials. GE recommends that users disable the Telnet service...
Important: Red Hat Security Advisory: telnet security update
An update for telnet is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
[SECURITY] Fedora 30 Update: telnet-0.17-77.fc30
Telnet is a popular protocol for logging into remote systems over the Internet. The package provides a command line Telnet client...
[SECURITY] Fedora 32 Update: telnet-0.17-79.fc32
Telnet is a popular protocol for logging into remote systems over the Internet. The package provides a command line Telnet client...
Netkit telnet buffer overflow vulnerability
Netkit telnet is a telnet client program for use on the Linux platform. The program is mainly used to interact and communicate with another host using the TELNET protocol. A buffer overflow vulnerability exists in the utility.c file of telnetd in netkit telnet 0.17 and earlier versions. A remote...
Hacker Leaks More Than 500K Telnet Credentials for IoT Devices
A hacker has published a list of credentials for more than 515,000 servers, home routers and other Internet of Things (IoT) devices online on a popular hacking forum in what’s being touted as the biggest leak of Telnet passwords to date, according to a published report. The leak—revealed in a repor...
GE Mark VIe Controller
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: GE Equipment: Mark VIe Controller Vulnerabilities: Improper Authorization, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create...
Security Bulletin: Vulnerability in SSLv3 affects Host On-Demand (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Rational Host On-Demand. Vulnerability Details CVE-ID: CVE-2014-3566 Description: Product could allow a remote attacker to obtain sensitive...
CVE-2017-3881
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes...
Hardcoded credentials
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...
CVE-2017-6351
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...