CVE-2023-2061

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via F...

Hardcoded credentials

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via F...

CVE-2023-2061 Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via F...

CVE-2023-2061

CVE-2023-2061 describes an authentication bypass in Mitsubishi Electric MELSEC iQ-R Series RJ71EIP91 and iQ-F Series FX5-ENET/IP EtherNet/IP modules due to use of hard-coded credentials in the FTP function. The underlying cause is a hard-coded password that permits remote unauthenticated FTP acce...

CVE-2023-2061 Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via F...

PT-2023-15438 · Hitron · Hitron Coda-5310

Name of the Vulnerable Software and Affected Versions: Hitron CODA-5310 affected versions not specified Description: The issue concerns hard-coded encryption/decryption keys in the program code, allowing a remote attacker authenticated as an administrator to decrypt system files. This access...

Hitron Technologies CODA 信任管理问题漏洞

Hitron Technologies CODA is a wireless router from Hitron Technologies China. The Hitron Technologies CODA suffers from a trust management issue vulnerability that arises from a hard-coded encryption or decryption key in program code. A remote attacker could use the hard-coded key to decrypt syst...

CVE-2022-47617

CVE-2022-47617 affects Hitron CODA-5310, where hard-coded encryption/decryption keys are present in the code. The underlying issue allows a remote attacker, authenticated as an administrator, to decrypt system files using the embedded keys, enabling file access, modification, and potential servic...

CVE-2022-47617 Hitron Technologies Inc. CODA-5310 - Hard-coded Cryptographic Key

Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system files using the hard-coded keys for file access, modification, and cause service disruption...

CVE-2022-47617 Hitron Technologies Inc. CODA-5310 - Hard-coded Cryptographic Key

Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system files using the hard-coded keys for file access, modification, and cause service disruption...

Mitsubishi Electric MELSEC 信任管理问题漏洞

The Mitsubishi Electric MELSEC iQ-R series and the Mitsubishi Electric MELSEC iQ-F series are both programmable logic controllers from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric MELSEC that stems from the use of hard-coded passwords. An attacker could...

CVE-2023-28937

DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...

CVE-2023-28937

DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...

CVE-2023-28937

DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...

PT-2023-22047 · Unknown · Scriptrunner For Amazon Sqs +2

Name of the Vulnerable Software and Affected Versions: DataSpider Servista versions 4.4 and earlier Description: The issue concerns the use of a hard-coded cryptographic key in DataSpider Servista, which is data integration software. This key is embedded in ScriptRunner and ScriptRunner for Amazo...

PT-2023-3007 · Mitsubishi · Melsec Iq-F Series Ethernet/Ip Module Fx5-Enet/Ip +1

Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 affected versions not specified MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP affected versions not specified Description: The issue is related to the use of hard-coded passwords in the FTP...

Moxa MXsecurity Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXsecurity Series Vulnerabilities: Command Injection and Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthorized...

DataSpider Servista uses a hard-coded cryptographic key

Overview DataSpider Servista provided by SAISON INFORMATION SYSTEMS CO.,LTD. is a data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and ScriptRunner for Amazo...

CVE-2023-31184

ROZCOM client CWE-798: Use of Hard-coded Credentials...

CVE-2023-31184 ROZCOM client

ROZCOM client CWE-798: Use of Hard-coded Credentials...