30 matches found
EUVD-2016-1493
Malware in sbrugna...
EUVD-2024-40276
Malicious code in bioql PyPI...
EUVD-2023-34085
Malicious code in bioql PyPI...
EUVD-2023-12406
Malicious code in bioql PyPI...
CVE-2023-0345
The Akuvox E11 secure shell SSH server is enabled by default and can be accessed by the root user. This password cannot be changed by the user...
CVE-2020-29583
Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges...
CVE-2024-43423
The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed...
CVE-2024-43423
CVE-2024-43423 affects Dover Fueling Solutions ProGauge MAGLINK LX4 CONSOLE (and LX) web applications, describing a hard-coded administrator password that cannot be changed. Root cause: hard-coded admin credentials in the web UI, enabling full device access; CVSS scores indicate high risk (3.1/AV...
PT-2024-30576 · Unknown · Progauge Maglink Lx4 Console
Name of the Vulnerable Software and Affected Versions: ProGauge MAGLINK LX4 CONSOLE affected versions not specified Description: The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed. Recommendations: At the momen...
VulnCheck KEV: CVE-2017-17107
Zivif PR115-204-P-RS V2.3.4.2103 web cameras contain a hard-coded cat1029 password for the root user. The SONIX operating system's setup renders this password unchangeable and it can be used to access the device via a TELNET session...
CVE-2023-23770
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface MMI, allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled...
CVE-2023-2611
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...
Default credentials
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...
CVE-2023-2611
CVE-2023-2611 affects Advantech R-SeeNet version 2.4.22 and earlier, describing a hidden root-level user with an unchangeable password (hard-coded credentials) that authenticates remotely. Several connected sources confirm the root cause: a hidden user not exposed in the standard user list with a...
CVE-2023-0345 CVE-2023-0345
The Akuvox E11 secure shell SSH server is enabled by default and can be accessed by the root user. This password cannot be changed by the user...
CVE-2023-0345 CVE-2023-0345
The Akuvox E11 secure shell SSH server is enabled by default and can be accessed by the root user. This password cannot be changed by the user...
Default credentials
A support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is “support” and cannot be changed by a user via any normally accessible means...
Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability
Zyxel firewalls ATP, USG, VM and AP Controllers NXC2500 and NXC5500 contain a use of hard-coded credentials vulnerability in an undocumented account "zyfwp" with an unchangeable password...
CVE-2020-29583
Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges...
Default credentials
Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges...