8091 matches found
CVE-2025-58426
desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications...
CVE-2025-6950
An Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. The system employs a hard-coded secret key to sign JSON Web Tokens JWT used for authentication. This insecure implementation allows an unauthenticated attacker to forge valid...
CVE-2025-11899
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
EUVD-2025-34859
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
CVE-2025-11899 Flowring Technology|Agentflow - Use of Hard-coded Cryptographic Key
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
CVE-2025-11899 Flowring Technology|Agentflow - Use of Hard-coded Cryptographic Key
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
CVE-2025-11899
CVE-2025-11899 affects Flowring’s Agentflow. The vulnerability arises from a hard-coded cryptographic key, enabling unauthenticated remote attackers to generate verification information and log in as any user after obtaining a user ID. Connected sources corroborate the issue across NVD/Red Hat an...
CVE-2025-6950
An Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. The system employs a hard-coded secret key to sign JSON Web Tokens JWT used for authentication. This insecure implementation allows an unauthenticated attacker to forge valid...
CVE-2025-6950
CVE-2025-6950 affects Moxa network security appliances and routers. The flaw is use of a hard-coded key to sign JWTs, enabling an unauthenticated attacker to forge tokens and impersonate any user, leading to complete compromise of the affected device (confidentiality, integrity, availability). Th...
CVE-2025-6950
An Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. The system employs a hard-coded secret key to sign JSON Web Tokens JWT used for authentication. This insecure implementation allows an unauthenticated attacker to forge valid...
EUVD-2025-34856
An Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. The system employs a hard-coded secret key to sign JSON Web Tokens JWT used for authentication. This insecure implementation allows an unauthenticated attacker to forge valid...
CVE-2025-61330
A hard-coded weak password vulnerability has been discovered in all Magic-branded devices from Chinese network equipment manufacturer H3C. The vulnerability stems from the use of a hard-coded weak password for the root account in the /etc/shadow configuration or even the absence of any password a...
Flowring Agentflow 安全漏洞
Flowring Agentflow is an intelligent process automation RPA platform from Flowring China. A security vulnerability exists in Flowring Agentflow that stems from the use of hard-coded encryption keys, which could allow an unauthenticated remote attacker to generate authentication information using ...
PT-2025-42580
Name of the Vulnerable Software and Affected Versions Moxa network security appliances and routers affected versions not specified Description A security issue exists in Moxa’s network security appliances and routers related to the use of hard-coded credentials. The system uses a hard-coded secre...
WordPress Felan Framework Improper Authentication Vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language.WordPress plugin is an application plugin. A vulnerability exists in the WordPress Felan Framework, which is caused by the presence of hard-coded passwords in the fbajaxloginorregister function and t...
Moxa多款产品 安全漏洞
MOXA EDF-G1002-BP Series and so on are products of Moxa China.MOXA EDF-G1002-BP Series is a series of industrial-grade local area network LAN firewalls.Moxa EDR-8010 Series and so on are products of Moxa Taiwan.Moxa EDR-8010 Series is a series of secure routers.Moxa EDR-G9010 Series is a series o...
EUVD-2025-34787
A hard-coded weak password vulnerability has been discovered in all Magic-branded devices from Chinese network equipment manufacturer H3C. The vulnerability stems from the use of a hard-coded weak password for the root account in the /etc/shadow configuration or even the absence of any password a...
CVE-2025-61330
A hard-coded weak password vulnerability has been discovered in all Magic-branded devices from Chinese network equipment manufacturer H3C. The vulnerability stems from the use of a hard-coded weak password for the root account in the /etc/shadow configuration or even the absence of any password a...
CVE-2025-58426
desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications...
EUVD-2025-34744
desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications...