CVE-2025-26398

CVE-2025-26398 is documented as a vulnerability in SolarWinds Database Performance Analyzer where a hard-coded cryptographic key exists. According to the sources, exploitation could enable a local attacker with administrator privileges (and with access to the host where the additional software is...

CVE-2025-26398 SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability

SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle MITM attack against users. This vulnerability requires additional software not installed by default, local access to the server and...

PT-2025-32636 · Solarwinds · Solarwinds Database Performance Analyzer

Name of the Vulnerable Software and Affected Versions: SolarWinds Database Performance Analyzer affected versions not specified Description: SolarWinds Database Performance Analyzer contains a hard-coded cryptographic key. Exploitation of this issue could lead to a machine-in-the-middle MITM atta...

CVE-2025-8759

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key . The attack can...

CVE-2025-8730

A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...

CVE-2025-8759

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key . The attack can...

CVE-2025-8759

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key . The attack can...

CVE-2025-8759 TRENDnet TN-200 Lighttpd hard-coded key

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key . The attack can...

CVE-2025-8759 TRENDnet TN-200 Lighttpd hard-coded key

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key . The attack can...

CVE-2025-8759

The CVE-2025-8759 entry concerns TRENDnet TN-200 device version 1.02b02 where the Lighttpd component is affected. The root cause is manipulation of the secdownload.secret argument, with input neV3rUseMe, leading to the use of a hard-coded cryptographic key. This exposes potential remote exploitat...

Linux Distros Unpatched Vulnerability : CVE-2010-5331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one buffer overflow problem. NOTE: At least on...

TRENDnet TN-200 安全漏洞

TRENDnet TN-200 is a NAS media server from Trendnet, Inc. A security vulnerability exists in TRENDnet TN-200 version 1.02b02, which stems from the use of a hard-coded key in the parameter secdownload.secret...

CVE-2025-7768

Tigo Energy's Cloud Connect Advanced CCA device contains hard-coded credentials that allow unauthorized users to gain administrative access. This vulnerability enables attackers to escalate privileges and take full control of the device, potentially modifying system settings, disrupting solar...

CVE-2025-8730

A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...

CVE-2025-8730 Belkin F9K1009/F9K1010 Web Interface hard-coded credentials

A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...

CVE-2025-8730

CVE-2025-8730 affects Belkin F9K1009 and F9K1010 Web Interface (versions 2.00.04–2.00.09). The root cause is hard-coded credentials that enable remote authentication bypass, granting full admin access via the web login interface (login.htm) without valid credentials. Public PoCs/exploits exist (P...

CVE-2025-8730 Belkin F9K1009/F9K1010 Web Interface hard-coded credentials

A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...

CLSA-2025-1754648405 Fix CVE(s): CVE-2025-27613, CVE-2025-27614, CVE-2025-46835

SECURITY UPDATE: potential file creation/truncation when cloning untrusted repository in gitk - debian/patches/CVE-2025-27613CVE-2025-27614CVE-2025-46835.patch: improve dark mode support, remove hard-coded colors in ttext calls and use colors from the theme for text widgets via Text.Background an...

Belkin F9K1009和Belkin F9K1010 安全漏洞

The Belkin F9K1009 and Belkin F9K1010 are both a wireless router from Belkin Canada. The Belkin F9K1009 and Belkin F9K1010 have a hard-coded credential vulnerability that can be exploited by an attacker to gain access to the devices...

CVE-2025-7768

Tigo Energy's Cloud Connect Advanced CCA device contains hard-coded credentials that allow unauthorized users to gain administrative access. This vulnerability enables attackers to escalate privileges and take full control of the device, potentially modifying system settings, disrupting solar...