CVE-2025-54454

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...

CVE-2025-54454

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...

PT-2025-30543 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A use of hard-coded credentials issue exists in Samsung Electronics MagicINFO 9 Server, allowing authentication bypass. Recommendations: Update MagicINFO 9 Server to version 21.1080....

The vulnerability of the Kubernetes Image Builder software lies in its use of hard-coded credentials, which allows an attacker to gain access to the virtual machine.

The vulnerability of the Kubernetes Image Builder software lies in the use of strictly encrypted credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the virtual machine remotely...

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A security vulnerability exists in SAMSUNG MagicINFO 9 Server, which stems from the use of hard-coded credentials, and can be exploited by an attacker to cause...

PT-2025-30542 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A use of hard-coded credentials issue exists in Samsung Electronics MagicINFO 9 Server, allowing authentication bypass. Recommendations: Update MagicINFO 9 Server to version 21.1080....

HP Poly Clariti Manager 安全漏洞

HP Poly Clariti Manager is a centralized management, control, and optimization software for video conferencing infrastructure from Hewlett-Packard HP in the United States. A security vulnerability exists in HP Poly Clariti Manager versions prior to 10.12.1, which stems from a vulnerability that...

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A security vulnerability exists in SAMSUNG MagicINFO 9 Server, which stems from the use of hard-coded credentials, and can be exploited by an attacker to cause...

Use of Hard-coded Cryptographic Key

Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key via the use of hardcoded cryptographic key in Encryption.cs. A local attacker can obtain decrypted credentials to other servers from hMailAdmin.exe.config file and access other hMailServer admin...

CVE-2025-46118

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or retrieve arbitrary...

CVE-2025-46118

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or retrieve arbitrary...

CVE-2025-4130

Use of Hard-coded Credentials vulnerability in PAVO Inc. PAVO Pay allows Read Sensitive Constants Within an Executable. This issue affects PAVO Pay: before 13.05.2025...

CVE-2025-4130

Use of Hard-coded Credentials vulnerability in PAVO Inc. PAVO Pay allows Read Sensitive Constants Within an Executable. This issue affects PAVO Pay: before 13.05.2025...

CVE-2025-4049

CVE-2025-4049 affects SIGNUM-NET FARA (through v5.0.80.34). The vulnerability is due to hard-coded SQLite credentials, enabling unauthorized read and manipulation of the locally stored database. Impact includes high confidentiality, integrity, and availability on affected data when an attacker ca...

Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access

Hewlett-Packard Enterprise HPE has released security updates to address a critical security flaw affecting Instant On Access Points that could allow an attacker to bypass authentication and gain administrative access to susceptible systems. The vulnerability, tracked as CVE-2025-37103, carries a...

CVE-2025-46118

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or retrieve arbitrary...

CVE-2025-46118

CVE-2025-46118 affects CommScope Ruckus Unleashed pre-200.15.6.212.14 and pre-200.17.7.0.139, and Ruckus ZoneDirector pre-10.5.1.0.279, due to hard-coded ftpuser credentials that grant FTP access to the controller. This allows a remote attacker to upload or retrieve arbitrary files from writable ...

Unspecified Vulnerability in Tenda CP3 Pro

Tenda CP3 Pro is a smart wireless PTZ camera that combines 360° panoramic surveillance, 3MP HD camera, and Wi-Fi 6 network technology, and supports human/pet detection, cry detection, and one-button calling. Tenda CP3 Pro suffers from a security vulnerability that originates from the presence of ...

PAVO Pay 信任管理问题漏洞

PAVO Pay is a mobile payment management platform from PAVO Turkey. A trust management issue vulnerability exists in PAVO Pay versions prior to 13.05.2025, which stems from the use of hard-coded credentials that could result in reading sensitive constants...

SIGNUM-NET FARA 信任管理问题漏洞

SIGNUM-NET FARA is a facility management software from SIGNUM-NET Poland. A trust management issue vulnerability exists in SIGNUM-NET FARA version 5.0.80.34 and prior versions, which stems from the use of hard-coded SQLite credentials that could lead to reading and manipulating local databases...