CVE-2025-10250 DJI Mavic Spark/Mavic Air/Mavic Mini Telemetry Channel hard-coded key

A weakness has been identified in DJI Mavic Spark, Mavic Air and Mavic Mini 01.00.0500. Affected is an unknown function of the component Telemetry Channel. Executing manipulation can lead to use of hard-coded cryptographic key . The attacker needs to be present on the local network. A high...

CVE-2025-10250

CVE-2025-10250 affects DJI Mavic Spark/Mavic Air/Mavic Mini (firmware 01.00.0500) due to a hard-coded cryptographic key in the Telemetry Channel. A local-network attacker can exploit this, with the vulnerability described as high attack complexity and publicly released exploit; affected products ...

CVE-2025-10250 DJI Mavic Spark/Mavic Air/Mavic Mini Telemetry Channel hard-coded key

A weakness has been identified in DJI Mavic Spark, Mavic Air and Mavic Mini 01.00.0500. Affected is an unknown function of the component Telemetry Channel. Executing manipulation can lead to use of hard-coded cryptographic key . The attacker needs to be present on the local network. A high...

PT-2025-37174

Name of the Vulnerable Software and Affected Versions: DJI Mavic Spark version 01.00.0500 DJI Mavic Air version 01.00.0500 DJI Mavic Mini version 01.00.0500 Description: A weakness exists in the Telemetry Channel component due to the use of a hard-coded cryptographic key. An attacker present on t...

DJI Mavic 安全漏洞

DJI Mavic is a series of drones from the Chinese company DJI DJI. A security vulnerability exists in DJI Mavic that stems from the use of hard-coded keys in the component Telemetry Channel, which could lead to a local network attack...

CVE-2025-10080

A vulnerability has been found in running-elephant Datart up to 1.0.0-rc3. Affected by this issue is the function getTokensecret of the file datart/security/src/main/java/datart/security/util/AESUtil.java of the component API. The manipulation leads to use of hard-coded cryptographic key . The...

MasterLife Solutions Dietly App 安全漏洞

MasterLife Solutions Dietly App is a diet management application from MasterLife Solutions, Poland. A security vulnerability exists in MasterLife Solutions Dietly App version v1.25.0, which stems from hard-coded credentials and could lead to the disclosure of sensitive information...

CVE-2025-55047

CWE-798 Use of Hard-coded Credentials...

CVE-2025-55047

CWE-798 Use of Hard-coded Credentials...

CVE-2025-55047

Baicells SPECTRA LTE-U eNB outdoor base station is affected by a trust management issue described as hard-coded credentials (CVE-2025-55047). Root cause: hard-coded credentials leading to potential security feature bypass. Impact: unauthorized access or bypass of security features as indicated by...

CVE-2025-55047

CWE-798 Use of Hard-coded Credentials...

Baicells SPECTRA LTE-U eNB 信任管理问题漏洞

The Baicells SPECTRA LTE-U eNB is an outdoor LTE-U base station from Baicells. A trust management issue vulnerability exists in the Baicells SPECTRA LTE-U eNB that stems from the use of hard-coded credentials that could lead to security feature bypass...

PT-2025-36915

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software uses hard-coded credentials. This practice introduces a significant security risk, as these credentials, if exposed, could allow unauthorized...

CVE-2025-10080

A vulnerability has been found in running-elephant Datart up to 1.0.0-rc3. Affected by this issue is the function getTokensecret of the file datart/security/src/main/java/datart/security/util/AESUtil.java of the component API. The manipulation leads to use of hard-coded cryptographic key . The...

CVE-2025-10080

The CVE affects the API component of running-elephant Datart up to version 1.0.0-rc3, specifically the getTokensecret function in datart/security/src/main/java/datart/security/util/AESUtil.java, which uses a hard-coded cryptographic key. The issue is remotely exploitable with high complexity; exp...

CVE-2025-10080 running-elephant Datart API AESUtil.java getTokensecret hard-coded key

A vulnerability has been found in running-elephant Datart up to 1.0.0-rc3. Affected by this issue is the function getTokensecret of the file datart/security/src/main/java/datart/security/util/AESUtil.java of the component API. The manipulation leads to use of hard-coded cryptographic key . The...

CVE-2025-10080 running-elephant Datart API AESUtil.java getTokensecret hard-coded key

A vulnerability has been found in running-elephant Datart up to 1.0.0-rc3. Affected by this issue is the function getTokensecret of the file datart/security/src/main/java/datart/security/util/AESUtil.java of the component API. The manipulation leads to use of hard-coded cryptographic key . The...

Datart 安全漏洞

Datart is running-elephant's open source generation open platform for data visualization. A security vulnerability exists in Datart 1.0.0-rc3 and earlier versions, which stems from the use of hard-coded keys in the datart/security/src/main/java/datart/security/util/AESUtil.java file...

PT-2025-36428

Name of the Vulnerable Software and Affected Versions: Datart versions up to 1.0.0-rc3 Description: A vulnerability exists in Datart due to the use of a hard-coded cryptographic key within the getTokensecret function located in the datart/security/src/main/java/datart/security/util/AESUtil.java...

CVE-2025-35451

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...