eCharge Hardy Barth cPH2和eCharge Hardy Barth cPP2 安全漏洞

The eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 are both an electric vehicle charging station from eCharge. A security vulnerability exists in the eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 that stems from the /etc/shadow file containing hard-coded entries for the root user,...

CVE-2024-56429

The CVE-2024-56429 entry impacts itech iLabClient 3.7.1, where a hard-coded encryption/DB-access key YngAYdgAE/kKZYu2F2wm6w== in iLabClient.jar enables local users to read or write to the database. Root cause is the hard-coded key used for database access; no public exploit details are provided i...

PT-2025-22342

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description The issue concerns hard-coded password hashes for the operating system "root" user, which are shipped with update files and cannot be deleted or changed by end-users. An attacker can use these...

PT-2025-22346 · Echarge Hardy Barth · Cph2 / Cpp2 Charging Stations

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns hard-coded TLS certificates and private keys in the firmware for the web interface, specifically on TCP port 443. An attacker can exploit this by using the private key to...

CVE-2024-56429

itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key found in iLabClient.jar for local users to read or write to the database...

PT-2025-22354

Name of the Vulnerable Software and Affected Versions itech iLabClient version 3.7.1 Description The issue concerns the use of a hard-coded key YngAYdgAE/kKZYu2F2wm6w== found in iLabClient.jar that allows local users to read or write to the database. This key is used by itech iLabClient for...

eCharge Hardy Barth cPH2和eCharge Hardy Barth cPP2 安全漏洞

The eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 are both an electric vehicle charging station from eCharge. A security vulnerability exists in the eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 that stems from the hard-coding of TLS certificates and private keys in the web...

PT-2025-22343 · Echarge Hardy Barth · Cph2 / Cpp2 Charging Stations

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns several scripts in the web interface that are accessible via undocumented hard-coded credentials. These scripts provide access to additional administrative and debug...

ConnectWise Risk Assessment 安全漏洞

ConnectWise Risk Assessment is a cybersecurity risk assessment tool from ConnectWise that identifies vulnerabilities, compliance gaps, and provides remediation recommendations in enterprise IT environments to help MSPs and organizations achieve proactive risk management. ConnectWise Risk Assessme...

Coded Robust Aggregation for Distributed Learning under Byzantine Attacks

In this paper, we investigate the problem of distributed learning DL in the presence of Byzantine attacks. For this problem, various robust bounded aggregation RBA rules have been proposed at the central server to mitigate the impact of Byzantine attacks. However, current DL methods apply RBA rul...

CVE-2025-27488

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally...

CVE-2025-27488

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally...

CVE-2025-27488

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally...

CVE-2025-27488

CVE-2025-27488 affects Microsoft Windows Hardware Lab Kit (HLK). The vulnerability arises from use of hard-coded credentials in HLK, enabling an authorized attacker to elevate privileges locally. The CVE is tracked in multiple feeds (NVD, MSRC) with a CVSSv3 base score of 6.7 (Medium) and a local...

Microsoft Windows Hardware Lab Kit (HLK) Elevation of Privilege Vulnerability

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally...

PT-2025-20943 · Microsoft · Windows Hardware Lab Kit

Name of the Vulnerable Software and Affected Versions: Windows Hardware Lab Kit affected versions not specified Description: The issue concerns the use of hard-coded credentials in the software, which allows an authorized attacker to elevate privileges locally. There is no information provided...

ZKTeco ZKBio CVSecurity 信任管理问题漏洞

ZKTeco ZKBio CVSecurity is a series of biometric solutions from the Chinese company ZKTeco. A trust management issue vulnerability exists in ZKTeco ZKBio CVSecurity version 6.4.1R, which stems from a hard-coded key that could lead to unverified JWT token authentication...

Privacy-Aware Berrut Approximated Coded Computing Applied to General Distributed Learning

Coded computing is one of the techniques that can be used for privacy protection in Federated Learning. However, most of the constructions used for coded computing work only under the assumption that the computations involved are exact, generally restricted to special classes of functions, and...

CVE-2025-20188

A vulnerability in the Out-of-Band Access Point AP Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. Th...

NVIDIA NvContainer Trust Management Issue Vulnerability

NVIDIA NvContainer is a container management service from NVIDIA. NVIDIA NvContainer suffers from a trust management issue vulnerability that stems from a hard-coded path issue in the use of OpenSSL, which could be exploited by an attacker to cause code execution, denial of service, elevation of...