CVE-2025-7768

CVE-2025-7768 affects Tigo Energy Cloud Connect Advanced (CCA). The root cause is hard-coded credentials that grant unauthorized administrative access, enabling privilege escalation and full device control, with potential to modify settings, disrupt solar energy production, and interfere with saf...

CVE-2025-7768 Use of Hard-coded Credentials in Tigo Energy Cloud Connect Advanced

Tigo Energy's Cloud Connect Advanced CCA device contains hard-coded credentials that allow unauthorized users to gain administrative access. This vulnerability enables attackers to escalate privileges and take full control of the device, potentially modifying system settings, disrupting solar...

CVE-2025-7768 Use of Hard-coded Credentials in Tigo Energy Cloud Connect Advanced

Tigo Energy's Cloud Connect Advanced CCA device contains hard-coded credentials that allow unauthorized users to gain administrative access. This vulnerability enables attackers to escalate privileges and take full control of the device, potentially modifying system settings, disrupting solar...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2025-50234

MCCMS v2.7.0 has an SSRF vulnerability located in the index method of the sys\apps\controllers\api\Gf.php file, where the pic parameter is processed. The pic parameter is decrypted using the sysauth$pic, 1 function, which utilizes a hard-coded key McEncryptionKey bD2voYwPpNuJ7B8, defined in the...

Tigo Energy Cloud Connect Advanced 信任管理问题漏洞

Tigo Energy Cloud Connect Advanced is a compact data logger from Tigo Energy USA. A trust management issue vulnerability exists in Tigo Energy Cloud Connect Advanced, which stems from hard-coded credentials and could lead to elevated privileges...

CVE-2025-2810 Draeger: ICMHelper is vulnerable to use of Hard-coded Cryptographic Key

A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key...

CVE-2025-2810 Draeger: ICMHelper is vulnerable to use of Hard-coded Cryptographic Key

A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key...

Dräger ICMHelper 安全漏洞

Dräger ICMHelper is a client assistance service software from Dräger, Germany. A security vulnerability exists in Dräger ICMHelper 1.4.0.1 and earlier versions, which stems from the use of a hard-coded encryption key that could lead to elevated privileges...

PT-2025-32226 · Tigo Energy · Cloud Connect Advanced

Name of the Vulnerable Software and Affected Versions: Tigo Energy Cloud Connect Advanced CCA affected versions not specified Description: Tigo Energy's Cloud Connect Advanced CCA device contains hard-coded credentials that allow unauthorized users to gain administrative access. This allows...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

RUCKUS Network Director 安全漏洞

RUCKUS Network Director is a wireless network monitoring software from RUCKUS. A security vulnerability exists in RUCKUS Network Director versions prior to 4.5, which originates from an attacker being able to forge an administrator JWT with a hard-coded key...

Austrian Archaeological Institute OpenAtlas 安全漏洞

Austrian Archaeological Institute OpenAtlas is a software platform for humanities research from Austrian Archaeological Institute, Austria. A security vulnerability exists in Austrian Archaeological Institute OpenAtlas version v8.11.0 that stems from the presence of a hard-coded administrator...

Dell ECS 安全漏洞

Dell ECS is a scalable, easy-to-manage, and resilient enterprise-class object storage solution from Dell, Inc. A security vulnerability exists in Dell ECS versions prior to 3.8.1.5 and ObjectScale versions prior to 4.0.0.0, which stems from the use of hard-coded encryption keys that could lead to...

RUCKUS Network Director 安全漏洞

RUCKUS Network Director is a wireless network monitoring software from RUCKUS. A security vulnerability exists in RUCKUS Network Director versions prior to 4.5, which stems from a hard-coded weak password that could result in gaining root access...

RUCKUS SmartZone 安全漏洞

RUCKUS SmartZone is a network controller from RUCKUS. A security vulnerability exists in versions prior to the RUCKUS SmartZone 6.1.2p3 Refresh Build, which stems from hard-coded SSH private keys and could lead to a security risk...

CVE-2025-36609

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...