CVE-2024-8450 PLANET Technology switch devices - Hard-coded SNMPv1 read-write community string

Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges...

CVE-2024-8450

PLANET Technology PLANET switches have a hard-coded SNMPv1 community string that grants read-write access, enabling unauthorized remote exploitation. The CVE-2024-8450 entry confirms this vulnerability in certain PLANET switch models, with impact on confidentiality, integrity, and availability (h...

CVE-2024-8449 PLANET Technology switch devices - Local users' passwords recovery through hard-coded credentials

Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password...

CVE-2024-8449 PLANET Technology switch devices - Local users' passwords recovery through hard-coded credentials

Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password...

CVE-2024-8449

CVE-2024-8449 affects PLANET Technology switch models, where the password recovery function contains a hard-coded credential. An unauthenticated attacker with physical access can use the serial console to reset any user’s password. The CVE entry notes hard-coded credential as the root cause and h...

CVE-2024-8448 PLANET Technology switch devices - Remote privilege escalation using hard-coded credentials

Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...

CVE-2024-8448 PLANET Technology switch devices - Remote privilege escalation using hard-coded credentials

Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...

CVE-2024-8448

PLANET Technology switch models are affected by CVE-2024-8448 due to a hard-coded credential in the CLI, enabling remote attackers with regular privileges to login and obtain a Linux root shell. The vulnerability affects certain PLANET switches (specific models not publicly detailed in the source...

PT-2024-39019 · Planet Technology · Planet Technology Switch

Name of the Vulnerable Software and Affected Versions: PLANET Technology switches affected versions not specified Description: The issue concerns a hard-coded credential in the password recovering functionality of certain switch models from PLANET Technology. This allows an unauthenticated attack...

PLANET switch devices 信任管理问题漏洞

PLANET switch devices are a series of switch devices from PLANET Corporation in China. A trust management issue vulnerability exists in PLANET switch devices, which originates from a hard-coded group string in the SNMPv1 service, allowing unauthorized remote attackers to use this group string to...

Infinera hiT 7300 安全漏洞

The Infinera hiT 7300 is a software-defined networking SDN-ready coherent packet-optical transport system from Infinera USA. A security vulnerability exists in the Infinera hiT 7300 version 5.60.50 that stems from a hidden SSH service with hard-coded credentials that allows an attacker to access...

Infinera hiT 7300 安全漏洞

The Infinera hiT 7300 is a software-defined networking SDN-ready coherent packet optical transport system from Infinera USA. A security vulnerability exists in the Infinera hiT 7300 version 5.60.50, which stems from sensitive passwords stored in plaintext in firmware update packages allowing an...

PLANET switch devices 信任管理问题漏洞

PLANET switch devices are a family of switch devices from PLANET Corporation in China. A trust management issue vulnerability exists in PLANET switch devices that stems from hard-coded credentials in the password recovery feature, allowing an unauthenticated attacker to connect to the device via...

PT-2024-39020 · Planet Technology · Planet Technology Switch

Name of the Vulnerable Software and Affected Versions: PLANET Technology switch models affected versions not specified Description: The issue concerns a hard-coded community string in the SNMPv1 service of certain switch models from PLANET Technology. This allows unauthorized remote attackers to...

PLANET switch devices 信任管理问题漏洞

PLANET switch devices are a family of switch devices from PLANET Corporation in China. A trust management issue vulnerability exists in PLANET switch devices, which arises from hard-coded credentials in a particular command line interface, allowing a remote attacker with regular privileges to log...

PT-2024-39018 · Planet Technology · Planet Technology Switch

Name of the Vulnerable Software and Affected Versions: PLANET Technology switch models affected versions not specified Description: The issue concerns a hard-coded credential in the command-line interface of certain switch models from PLANET Technology. This allows remote attackers with regular...

CVE-2024-23958

CVE-2024-23958 affects Autel MaxiCharger AC Elite Business C50 with a BLE vulnerability in the BLE AppAuthenRequest handler that uses hardcoded credentials as a fallback. This allows network-adjacent attackers to bypass authentication on affected charging stations. The NVD entry lists a high base...

Autel Energy MaxiCharger AC Elite Business C50 安全漏洞

Autel Energy MaxiCharger AC Elite Business C50 is a car charger from Autel Energy USA. A security vulnerability exists in the Autel Energy MaxiCharger AC Elite Business C50 that stems from an issue with the inclusion of a use of hard-coded credentials in BLE...

The vulnerability in the implementation of the SSH server of the Cisco Catalyst Center (formerly Cisco DNA Center) allows a attacker to execute a spoofing attack.

The vulnerability of the SSH-server implementation in the Cisco Catalyst Center formerly Cisco DNA Center network infrastructure management system is related to the use of cryptographic algorithms for encryption with a hard-programmed key. Exploiting this vulnerability could allow a malicious act...

GO-2024-3136 Dragonfly2 has hard coded cyptographic key in d7y.io/dragonfly

Dragonfly2 has hard coded cyptographic key in d7y.io/dragonfly...