Quantum SuperLoader 3 安全漏洞

Quantum SuperLoader 3 is an automated storage and retrieval device from Quantum USA. A security vulnerability exists in Quantum SuperLoader 3 version V94.0 005E.0h, which stems from a hard-coded account issue that could lead to unauthorized access...

CVE-2025-37111 Hard-Coded Authentication Keys found in System

A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...

(Pwn2Own) QNAP TS-464 reset_password.cgi Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-464. Authentication is not required to exploit this vulnerability. The specific flaw exists within the resetpassword.cgi endpoint. The issue results from the use of a hard-coded...

Array Networks vAPV和Array Networks vxAG 安全漏洞

Array Networks vAPV and Array Networks vxAG are both products of Array Networks, Inc. of the U.S.A. Array Networks vAPV is a Virtual Application Delivery Controller.Array Networks vxAG is a Virtual Secure Access System. A security vulnerability exists in Array Networks vAPV version 8.3.2.17 and...

CVE-2025-36609

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2025-36609

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2025-36609

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2025-36609

Dell SmartFabric OS10 Software is affected (versions prior to 10.6.0.5) by a Use of Hard-coded Password vulnerability that could allow a local, low-privilege attacker to escalate privileges. Root cause described across sources is fixed credentials embedded in the OS10 software. Affected component...

CVE-2025-36609

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2025-8231

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device...

PT-2025-32446

Name of the Vulnerable Software and Affected Versions: TRENDnet TN-200 version 1.02b02 Description: A vulnerability exists in the TRENDnet TN-200 device. The issue resides in the Lighttpd component, where manipulation of the secdownload.secret argument with the input neV3rUseMe results in the use...

VulnCheck KEV: CVE-2021-35232

Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users ...

USN-7677-1 cloud-init vulnerabilities

Harry Sintonen discovered that the hotplugd socket in cloud-init was world writable. An attacker could possibly use this issue to send hotplug-hook commands. CVE-2024-11584 It was discovered that cloud-init granted root access to a hardcoded URL with a local IP address when a non-x86 platform is...

Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PremiumClientService class. The issue results from a hard-coded...

CVE-2025-8231

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device...

CVE-2025-8231

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device...

CVE-2025-8231 D-Link DIR-890L UART Port rgbin hard-coded credentials

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device...

CVE-2025-8231 D-Link DIR-890L UART Port rgbin hard-coded credentials

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device...

CVE-2025-8231

CVE-2025-8231 affects the D-Link DIR-890L, up to firmware 111b04, where the issue involves processing the rgbin file in the UART Port. The root cause described across connected documents is hard-coded credentials exposed via this path, enabling a local/physical attack on the device. Public disclo...

D-Link DIR-890L 安全漏洞

The D-Link DIR-890L is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-890L 111b04 and prior versions, which originates from the presence of hard-coded credentials in the file rgbin in the component UART Port...