8175 matches found
GHSA-4FVX-H823-38V3 YesWiki Uses a Broken or Risky Cryptographic Algorithm
Summary The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. Details Firstly, the salt used to hash the password reset key is hard-coded in the includes/services/UserManager.php file...
PT-2024-34645 · Yeswiki · Yeswiki
Name of the Vulnerable Software and Affected Versions: YesWiki versions prior to 4.4.5 Description: The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is due to the...
Cisco Firepower Threat Defense Trust Management Question Vulnerability
Cisco Firepower Threat Defense FTD is a suite of unified software from the U.S. company Cisco Cisco that provides next-generation firewall services. Cisco Firepower Threat Defense has a trust management issue vulnerability that originates from the presence of static accounts with hard-coded...
CVE-2024-31151
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be...
CVE-2024-31151
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be...
CVE-2024-28875
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be...
CVE-2024-28875
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be...
CVE-2024-31151
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be...
CVE-2024-31151
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be...
CVE-2024-31151
LevelOne WBR-6012 contains hard-coded credentials in its web services, enabling unauthenticated access within the first 30 seconds after boot and potential bypass via other vulnerabilities. TALOS confirms two backdoors: a hard-coded admin backdoor password and an undocumented user account with a ...
CVE-2024-28875
CVE-2024-28875 affects LevelOne WBR-6012. Talos confirms a hard-coded admin backdoor password and an undocumented user account, allowing admin-level access within the first 30 seconds after boot via the device’s web services. The hard-coded password is “@m!t2K1” and a reboot sequence may bypass t...
CVE-2024-28875
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be...
PT-2024-23796 · Levelone · Levelone Wbr-6012
Name of the Vulnerable Software and Affected Versions: LevelOne WBR-6012 affected versions not specified Description: A security issue exists due to hard-coded credentials in the web services of the affected device. This allows attackers to gain unauthorized access within the first 30 seconds aft...
PT-2024-22620 · Levelone · Levelone Wbr-6012
Name of the Vulnerable Software and Affected Versions: LevelOne WBR-6012 affected versions not specified Description: A security issue exists due to hard-coded credentials in the web services of the affected device. This allows attackers to gain unauthorized access within the first 30 seconds aft...
LevelOne WBR-6012 hard-coded password vulnerability
Talos Vulnerability Report TALOS-2024-1979 LevelOne WBR-6012 hard-coded password vulnerability October 30, 2024 CVE Number CVE-2024-28875,CVE-2024-31151 SUMMARY A security flaw involving hard-coded credentials in LevelOne WBR-6012’s web services allows attackers to gain unauthorized access during...
LevelOne WBR-6012 信任管理问题漏洞
The LevelOne WBR-6012 is a wireless router from LevelOne. A trust management issue vulnerability exists in the LevelOne WBR-6012, which stems from an issue with the use of hard-coded credentials in web services...
LevelOne WBR-6012 信任管理问题漏洞
The LevelOne WBR-6012 is a wireless router from LevelOne. A trust management issue vulnerability exists in the LevelOne WBR-6012, which stems from an issue with the use of hard-coded credentials in web services...
CVE-2024-45656 IBM Flexible Service Processor hard coded credentials
IBM Flexible Service Processor FSP FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP...
CVE-2024-45656 IBM Flexible Service Processor hard coded credentials
IBM Flexible Service Processor FSP FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP...
Unspecified Vulnerability in IBM Maximo Application Suite-Monitor Component
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A security vulnerability exists in IBM Maximo Application Suite-Monitor Component, which stems from the...