CVE-2024-4740 MXsecurity Use of Hard-coded Credentials

MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. This vulnerability could allow an attacker to tamper with sensitive data...

CVE-2024-4740 MXsecurity Use of Hard-coded Credentials

MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. This vulnerability could allow an attacker to tamper with sensitive data...

CVE-2024-4740

CVE-2024-4740 concerns MXsecurity software, affected in versions v1.1.0 and prior. The root cause cited is the use of hard-coded credentials, enabling an attacker to tamper with sensitive data. Public details explicitly cover impact as data tampering; no exploit status or in‑the‑wild details are ...

MXsecurity 信任管理问题漏洞

MOXA MXsecurity is a management platform from China's Mosa MOXA Inc. that provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. A trust management issue vulnerability exists ...

The vulnerability of the Kubernetes Image Builder software lies in its use of hard-coded credentials, which allows an attacker to gain access to the virtual machine.

The vulnerability of the Kubernetes Image Builder software relates to the use of strictly encrypted credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the virtual machine via SSH connection and elevate their privileges to root level...

JVN#41397971: Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software

AIPHONE IX SYSTEM is an IP Network Audio-Video Intercom and IXG SYSTEM is an IP-based Residential System. IX SYSTEM, IXG SYSTEM, and System Support Software contain multiple vulnerabilities listed below. OS command injection CWE-78 CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 8.0...

Tenda G3 安全漏洞

Tenda G3 is a QosVpn router from Tenda China. The Tenda G3 suffers from a hard-coded credential vulnerability that can be exploited by an attacker to log in as root and obtain sensitive information...

The vulnerability of the Kubernetes Image Builder software lies in its use of hard-coded credentials, which allows an attacker to gain access to the virtual machine.

The vulnerability of the Kubernetes Image Builder software relates to the use of strictly encrypted credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the virtual machine via SSH connection and elevate their privileges to root level...

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk WHD software to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. Tracked as CVE-2024-28987 CVSS score: 9.1, the...

Qnap QES Use of Hard-coded Credentials (CVE-2020-2499)

A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later. This plugin only works with Tenable.ot...

The vulnerability of the Telnet service of D-Link’s wireless routers, such as DIR-X4860, DIR-X5460A1, and COVR-X1870, allows a hacker to execute arbitrary commands in the basic operating system.

The vulnerability of D-Link DIR-X4860, DIR-X5460A1, and COVR-X1870 wireless routers lies in the presence of undocumented configuration commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating system using hard-coded credentials...

CVE-2024-45275

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices...

Helmholz REX100 信任管理问题漏洞

Helmholz REX100 is a wireless router from Helmholz. A trust management issue vulnerability exists in Helmholz REX100 versions prior to 2.3.1, which stems from the inclusion of two hard-coded user accounts and hard-coded passwords, allowing an unauthenticated, remote attacker to take full control ...

PT-2024-31530 · Helmholz +1 · Rex100 +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The devices contain two hard-coded user accounts with hardcoded passwords, allowing an unauthenticated remote attacker to gain full control of the...

CVE-2024-8450

Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges...

CVE-2024-8450

Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges...

CVE-2024-8448

Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...

CVE-2024-8448

Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...

CVE-2024-8449

Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password...

CVE-2024-8449

Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password...