Electra Central AC unit 信任管理问题漏洞

The Electra Central AC unit is an Electra Central AC unit from Electra. A security vulnerability exists in the Electra Central AC unit that stems from the use of unspecified code that contains hard-coded credentials...

Vulnerability Spotlight: Hard-coded password vulnerability could allow attacker to completely take over Lenovo Smart Clock

Kelly Leuschner and Thorsten Rosendahl discovered this vulnerability. Cisco Talos researchers recently discovered a vulnerability in the Lenovo Smart Clock Essential that could allow an attacker to completely take over the device if they have access to the network the clock is connected to...

Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability

Talos Vulnerability Report TALOS-2023-1692 Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability April 13, 2023 CVE Number CVE-2023-0896 SUMMARY A hard-coded password vulnerability exists in the SSH, telnet functionality of Lenovo Group Ltd. Smart Clock Essential 4.9.113. ...

Lenovo Smart Clock Essential 信任管理问题漏洞

Lenovo Smart Clock Essential is a smart stereo from Chinese company Lenovo Lenovo. Lenovo Smart Clock Essential version 4.9.113 suffers from a Trust Management Issue vulnerability that stems from the presence of a hard-coded password vulnerability, which can be exploited by an attacker to enhance...

PT-2023-2753 · Fortinet · Fortinac-F +1

Name of the Vulnerable Software and Affected Versions: FortiNAC-F version 7.2.0 FortiNAC versions 9.4.2 and below FortiNAC versions 9.2 and earlier FortiNAC versions 8.8 and earlier FortiNAC versions 8.7 and earlier Description: A use of hard-coded credentials issue may allow an authenticated...

CVE-2023-26588

Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...

CVE-2023-26588

Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...

CVE-2023-22429

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials API key for an external service, which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary...

CVE-2023-22429

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials API key for an external service, which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary...

Hardcoded credentials

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials API key for an external service, which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary...

Hardcoded credentials

Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...

PT-2023-20753 · Buffalo · Bs-Gs2008P +5

Name of the Vulnerable Software and Affected Versions: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier BS-GSL2016P firmware Ver. 1.10-0.03 and earlier BS-GSL2016 firmware Ver. 1.10-0.03 and earlier BS-GS2008 firmware Ver. 1.0.10.01 and earlier BS-GS2016 firmware Ver. 1.0.10.01 and earlier BS-GS202...

PT-2023-18492 · Wolt · Wolt Delivery: Food/More

Name of the Vulnerable Software and Affected Versions: Wolt Delivery: Food and more versions 4.27.2 and earlier Description: The issue concerns the use of hard-coded credentials, specifically an API key for an external service, in the application. This may allow a local attacker to obtain the...

CVE-2023-22429

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials API key for an external service, which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary...

CVE-2023-22429

The CVE affects the Android app Wolt Delivery: Food and more (versions 4.27.2 and earlier). Root cause: hard-coded API key for an external service embedded in the application binary, enabling a local attacker to extract it via reverse-engineering. Impact, as stated, is high for confidentiality/in...

CVE-2023-22429

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials API key for an external service, which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary...

CVE-2023-26588

Buffalo network devices are affected by CVE-2023-26588 due to hard-coded credentials, allowing an attacker to access the product’s debug function. Affected models/firmware (examples from the public records) include BS-GSL2024, BS-GSL2016P, BS-GSL2016, BS-GS2008, BS-GS2016, BS-GS2024, BS-GS2048, B...

CVE-2023-26588

Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...

CVE-2023-26588

Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...

Siemens SCALANCE X Switches Use of Hard-Coded Cryptographic Key (CVE-2020-28395)

A vulnerability has been identified in SCALANCE X-200RNA switch family All versions V3.2.7, SCALANCE X-300 switch family incl. X408 and SIPLUS NET variants All versions V4.1.0. Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a...