CVE-2025-7453

A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file zpan/internal/app/service/token.go of the component JSON Web Token Handler. The manipulation with the input 123 leads to use of hard-coded...

CVE-2025-7453

A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file zpan/internal/app/service/token.go of the component JSON Web Token Handler. The manipulation with the input 123 leads to use of hard-coded...

CVE-2025-7453 saltbo zpan JSON Web Token token.go NewToken hard-coded password

A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file zpan/internal/app/service/token.go of the component JSON Web Token Handler. The manipulation with the input 123 leads to use of hard-coded...

CVE-2025-7453 saltbo zpan JSON Web Token token.go NewToken hard-coded password

A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file zpan/internal/app/service/token.go of the component JSON Web Token Handler. The manipulation with the input 123 leads to use of hard-coded...

CVE-2025-7453

Saltbo zpan CVE-2025-7453 affects the JSON Web Token Handler’s NewToken function in zpan/internal/app/service/token.go. The root cause is use of a hard-coded password when processing input 123, enabling remote exploitation. Affected versions are up to 1.6.5 and 1.7.0-beta2. Exploitation is descri...

Acclaim Systems USAHERDS Hard-Coded Credentials (CVE-2021-44207)

The version of Acclaim Systems USAHERDS running on the remote host may be missing a vendor supplied patch. It is possible, therefore, that it is affected by a vulnerability: it might use hard-coded credentials. Note that Nessus has not tested for this issue. %NASLMINLEVEL 80900 C Tenable, Inc...

PT-2025-29275 · Unknown · Saltbo Zpan

Name of the Vulnerable Software and Affected Versions: saltbo zpan versions up to 1.6.5 saltbo zpan version 1.7.0-beta2 Description: A vulnerability exists in saltbo zpan related to the JSON Web Token Handler component. The issue affects the NewToken function within the...

ZPan 安全漏洞

ZPan is a cloud storage based web disk system by the individual developer Jasper Van. A security vulnerability exists in ZPan 1.6.5 and 1.7.0-beta2 and earlier versions, which stems from the use of hard-coded passwords...

Shenzhen Liandian Communication Technology V380 IP Camera 安全漏洞

Shenzhen Liandian Communication Technology V380 IP Camera is a camera from Shenzhen Liandian Communication Technology. A security vulnerability exists in the Shenzhen Liandian Communication Technology V380 IP Camera AppFHE1V1.0.6.0 version, which stems from the default enablement of Telnet servic...

CVE-2025-37103

Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing anyone with knowledge of it to bypass normal device authentication. Successful exploitation could allow a remote attacker to gain administrative access to the system...

CVE-2025-5023

The CVE-2025-5023 entry affects Mitsubishi Electric EcoGuideTAB PV-DR004J and PV-DR004JA, all versions, with a root cause related to hard-coded credentials. An attacker in Wi‑Fi range between the measurement unit and display unit can disclose generated power data and grid-revenue information, tam...

CVE-2025-5023

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units of the product measurement unit and display unit to...

CVE-2025-5023

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units of the product measurement unit and display unit to...

PT-2025-29074 · Mitsubishi · Ecoguidetab Pv-Dr004J +1

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Corporation EcoGuideTAB PV-DR004J all versions Mitsubishi Electric Corporation EcoGuideTAB PV-DR004JA all versions Description: A hard-coded credentials issue exists in Mitsubishi Electric Corporation’s EcoGuideTAB...

Adobe ColdFusion < 2021.x < 2021u21 / 2023.x < 2023u15 / 2025.x < 2025u3 Multiple Vulnerabilities (APSB25-69)

The version of Adobe ColdFusion installed on the remote Windows host is prior to 2021.x update 21, 2023.x update 15, or 2025.x update 3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-69 advisory. - ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are...

Mitsubishi Electric PV-DR004J 信任管理问题漏洞

The Mitsubishi Electric PV-DR004J is a solar power generator from Mitsubishi Electric Japan. The Mitsubishi Electric PV-DR004J suffers from a trust management issue vulnerability that stems from the use of hard-coded credentials, which could lead to information disclosure or denial of service...

Vulnerabilities fixed in Adobe ColdFusion

Adobe has fixed vulnerabilities in ColdFusion Specifically for versions 25.2, 23.14, 21.20 and earlier. The vulnerabilities in ColdFusion include a significant vulnerability related to improper restriction of XML External Entity Reference XXE, hard-coded credentials, improper authorization, XML...

CVE-2025-3920

A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond to a built-in administrative account of the software. An attacker with local access to the system or the application's installation directory could extra...

CVE-2025-52492

A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The firmware file, rootfs.tar.gz, contains hard-coded credentials for the Twilio API. A remote attacker who obtains a copy of the firmware can extract these credentials. This could allow the attacker to gain...

CVE-2025-49551

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized access to sensitive systems or data. Exploitation of this issue does...