Cisco IOS XE 信任管理问题漏洞

Cisco IOS XE is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. Cisco IOS XE suffers from a trust management issue vulnerability that stems from...

CVE-2025-4041 Use of Hard-coded Credentials Optigo Networks ONS NC600

In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions...

CVE-2025-4041 Use of Hard-coded Credentials Optigo Networks ONS NC600

In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions...

CVE-2024-58134

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

Mojolicious 安全漏洞

Mojolicious is Mojolicious open source Perl-based real-time web framework. A security vulnerability exists in Mojolicious 9.39 and earlier versions, which stems from the use of hard-coded strings or application class names as HMAC session keys, which could lead to session forgery...

CVE-2025-23179

CWE-798: Use of Hard-coded Credentials...

goTenna Mesh 安全漏洞

goTenna Mesh is a portable mesh networking device from goTenna that builds decentralized communication networks through intelligent routing algorithms and supports offline transmission of text/location/emergency signals from smartphones. A security vulnerability exists in goTenna Mesh that stems...

goTenna V1 安全漏洞

goTenna V1 is a portable offline communication device from goTenna, Inc. that enables long-distance peer-to-peer communication between smartphones via mesh network technology. A security vulnerability exists in goTenna V1, which originates from hard-coded authentication tokens, which could lead t...

CVE-2025-23179 Ribbon Communications - CWE-798: Use of Hard-coded Credentials

CWE-798: Use of Hard-coded Credentials...

CVE-2025-23179

CVE-2025-23179 affects Ribbon Communications Apollo 9608 SBC. The issue is a trust management weakness caused by hard-coded credentials (CWE-798). Severity per the CVSS 3.1 entry is MEDIUM (AV: adjacent, AC: low, PR: low, UI: none, S: unchanged, C:L/I:L/A:L). Reported sources consistently describ...

CVE-2025-23179 Ribbon Communications - CWE-798: Use of Hard-coded Credentials

CWE-798: Use of Hard-coded Credentials...

Security Bulletin: IBM Security Verify Information Queue displays the Grafana signing key when setting up the logs stack (CVE-2021-20412)

Summary IBM Security Verify Information Queue ISIQ offers an optional logs stack to demonstrate logging and monitoring. Among the stack's components is a Grafana dashboard. The initialization file for Grafana contains a hard-coded signing key. As of ISIQ v10.0.0, this signing key has been removed...

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability.

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. Hard coded credentials have been removed from the IBM Security Directory Integrator version used by IBM Security Identity Governance and Intelligence. Vulnerability...

Ribbon Communications Apollo 9608 信任管理问题漏洞

The Ribbon Communications Apollo 9608 is a Session Border Controller SBC from Ribbon Communications, Inc. that is used to protect and manage network traffic for real-time communications such as VoIP. A trust management issue vulnerability exists in the Ribbon Communications Apollo 9608 v9.6R3...

PT-2025-18183 · Ribbon Communications · Apollo 9608

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue involves the use of hard-coded credentials, which is a security risk. There is no information available about the estimated number of potentially affected devices worldwide or...

CVE-2025-46273

UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices...

CVE-2025-46274

UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read, manipulate and create entries in the managed database...

CVE-2025-32730

Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network system for i-PRO Co., Ltd. surveillance cameras and recorders. This vulnerability allows a local authenticated attacker to use the authentication information from the last connected surveillance...

CVE-2025-2765

CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability...

Korenix JetNet Use of Hard-Coded Credentials (CVE-2017-14027)

A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and...