CVE-2023-24147

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini...

CVE-2023-24149

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored in the component /etc/shadow...

Design/Logic Flaw

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini...

CVE-2023-24147

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini...

CVE-2023-24147

CVE-2023-24147 affects TOTOLINK CA300-PoE router (Firmware v6.2c.884). The root cause is a hardcoded Telnet password stored in /etc/config/product.ini, enabling potential exposure of credentials. Documents describe a hardcoded credential issue and indicate an attacker could disclose sensitive inf...

CVE-2023-24155

TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is stored in the component /webcste/cgi-bin/product.ini...

CVE-2023-24149

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored in the component /etc/shadow...

CVE-2023-24149

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored in the component /etc/shadow...

TOTOLINK T8 信任管理问题漏洞

TOTOLINK T8 is a wireless dual-band router that is mainly used for internet connection and data transmission. The TOTOLINK T8 suffers from a hard-coded vulnerability that originates from /webcste/cgi-bin/product.ini storing the password for the telnet service. An attacker can exploit the...

CVE-2022-42973

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...

Hardcoded credentials

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...

Schneider Electric Easy UPS Online Monitoring Software 信任管理问题漏洞

Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from Schneider Electric France. Schneider Electric Easy UPS Online Monitoring Software suffers from a trust management issue vulnerability that stems from a use of hard-coded credentials vulnerability that could...

CVE-2022-42973

Schneider Electric APC Easy UPS Online Monitoring Software (and APC Easy UPS Online Monitoring Software) versions prior to V2.5-GA, V2.5-GA-01-22261, V2.5-GS, or GS-01-22261 are affected by CVE-2022-42973 (CWE-798): use of hard-coded credentials in the database, enabling local privilege escalatio...

CVE-2022-42973

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...

CVE-2022-42973

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...

Selfwealth 信任管理问题漏洞

Selfwealth is a stock investment trading platform from Selfwealth Australia. A security vulnerability exists in Selfwealth iOS mobile App version 3.3.1, which stems from the application displaying hard-coded API keys...

Dell EMC SCG Policy Manager Trust Management Issue Vulnerability

Dell EMC SCG Policy Manager is a secure connectivity gateway policy manager from Dell, U.S. A vulnerability exists in Dell EMC SCG Policy Manager that uses hard-coded encryption keys, which can be exploited by remote attackers to submit special requests that can gain LDAP user privileges...

多款Baicells Nova产品信任管理问题漏洞

Baicells Nova 227 is a miniature base station.Baicells Nova 233 is a miniature base station.Baicells Nova 243 is a miniature base station. A trust management issue vulnerability exists in the Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB device firmware prior to RTS/RTD 3.7.11.6. The...

Siemens SCALANCE X Switches Use of Hard-Coded Cryptographic Key (CVE-2020-28391)

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0, SCALANCE X-200RNA switch family All versions V3.2.7. Devices create a new unique key upon factory reset...

RHEL 7 / 8 : Red Hat Ceph Storage 4.1 (RHSA-2020:2231)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2231 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with...