8149 matches found
Infoblox NETMRI 安全漏洞
Infoblox NETMRI is a network management product from US-based Infoblox, Inc. can automate, provide visibility and continuous insight to help organizations intelligently manage their multi-vendor networks. A security vulnerability exists in Infoblox NETMRI versions prior to 7.6.1 that stems from...
CVE-2005-2026
Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 has a hard-coded account and password for debugging, which allows remote attackers to gain privileges...
CVE-2009-3710
RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username dbadmin and password sq!us3r for an SSH tunnel, which allows remote attackers to gain privileges via port 8022...
Exploit for Use of Less Trusted Source in Apache Http_Server
CVE-2022-31813 Vulnerability Checker Author: Derek Odiorn...
CVE-2024-56429
itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key found in iLabClient.jar for local users to read or write to the database...
CVE-2025-48417
The certificate and private key used for providing transport layer security for connections to the web interface TCP port 443 is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...
CVE-2025-48417 Hard-Coded Certificate and Private Key for HTTPS Web Interface in eCharge Hardy Barth cPH2 / cPP2 charging stations
The certificate and private key used for providing transport layer security for connections to the web interface TCP port 443 is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...
CVE-2025-48417 Hard-Coded Certificate and Private Key for HTTPS Web Interface in eCharge Hardy Barth cPH2 / cPP2 charging stations
The certificate and private key used for providing transport layer security for connections to the web interface TCP port 443 is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...
CVE-2025-48417
The CVE-2025-48417 entry concerns hard-coded TLS certificates and private keys in the firmware of eCharge Hardy Barth cPH2 and cPP2 charging stations. The web interface (port 443) uses files in /etc/ssl (e.g., salia.local.crt, salia.local.key, salia.local.pem) and there is no option to upload or ...
CVE-2025-48413
The /etc/passwd and /etc/shadow files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device...
CVE-2025-48414
There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functionality and are likely intended for debugging during development and provides an additional attack surface...
CVE-2025-48414 Hard-coded web interface credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations
There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functionality and are likely intended for debugging during development and provides an additional attack surface...
CVE-2025-48414
CVE-2025-48414 affects eCharge Hardy Barth cPH2 / cPP2 charging stations. Connected sources describe hard-coded credentials in the web interface scripts, granting access to admin/debug functionality and increasing attack surface. Public details confirm the issue but do not provide a confirmed pat...
CVE-2025-48414 Hard-coded web interface credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations
There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functionality and are likely intended for debugging during development and provides an additional attack surface...
CVE-2025-48413
CVE-2025-48413 affects the eCharge Hardy Barth cPH2 and cPP2 charging stations. The root cause is hard-coded password hashes stored in the system files /etc/passwd and /etc/shadow that are shipped with update files. This allows an attacker to log into the device, potentially via an SSH backdoor o...
CVE-2025-48413 Hard-coded OS root credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations
The /etc/passwd and /etc/shadow files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device...
CVE-2025-48413 Hard-coded OS root credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations
The /etc/passwd and /etc/shadow files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device...
eCharge Hardy Barth cPH2和eCharge Hardy Barth cPP2 信任管理问题漏洞
The eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 are both an electric vehicle charging station from eCharge. A trust management issue vulnerability exists in eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2, which stems from the use of hard-coded credentials in the web interface...
CVE-2024-56429
itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key found in iLabClient.jar for local users to read or write to the database...
eCharge Hardy Barth cPH2和eCharge Hardy Barth cPP2 安全漏洞
The eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 are both an electric vehicle charging station from eCharge. A security vulnerability exists in the eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 that stems from the fact that the /etc/passwd and /etc/shadow files contain hard-coded...