8149 matches found
Cisco Secure Web Appliance Privilege Escalation (cisco-sa-esasmawsa-vulns-YRuSW5mD)
According to its self-reported version, Cisco Secure Web Appliance is affected by a privilege escalation vulnerability that could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to the use of a hard-coded value to encrypt a token...
Exploit for Use of Hard-coded Credentials in Pctechsoft Pcsecure
PCSecure V5.0.8.xw - Use of Hard-coded Credentials in configur...
CVE-2022-29889
A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. Use of a hard-coded root password can lead to arbitrary command execution. An attacker can authenticate with hard-coded credentials to trigger this vulnerability...
CVE-2022-29889
CVE-2022-29889 affects Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. Talos reports a telnet service on TCP/55023 with a root password derived from the device MAC address; the password is generated by a hard-coded process in the /root/hpgw binary, enabling arbitrary command execution if a...
PT-2022-5290 · Abode Systems · Iota All-In-One Security Kit
Name of the Vulnerable Software and Affected Versions: Abode Systems, Inc. iota All-In-One Security Kit version 6.9Z Description: A hard-coded password vulnerability exists in the telnet functionality, allowing an attacker to authenticate with hard-coded credentials. This can lead to arbitrary...
CVE-2021-4228
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.00.0...
CVE-2022-38117
Juiker app hard-coded its AES key in the source code. A physical attacker, after getting the Android root privilege, can use the AES key to decrypt users’ ciphertext and tamper with it...
CVE-2022-38117 Juiker app - Hard-coded Credentials
Juiker app hard-coded its AES key in the source code. A physical attacker, after getting the Android root privilege, can use the AES key to decrypt users’ ciphertext and tamper with it...
CVE-2022-38117
The CVE-2022-38117 entry describes the Juiker app hard-coding an AES key in its source code. The direct consequence is that a physical attacker who gains Android root privileges can use the embedded key to decrypt users’ ciphertext and tamper with it. The connected documents confirm the root-caus...
CVE-2021-4228 Hard-coded TLS Certificate
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.00.0...
Juiker Trust Management Issue Vulnerability
Juiker is an instant messaging software for government and business organizations from Juiker. Juiker suffers from a security vulnerability that stems from the application's use of hard-coded AES keys in the source code. A physical attacker with root access to Android could use the AES key to...
PT-2022-11583 · Lanner · Iac-Ast2500A
Name of the Vulnerable Software and Affected Versions: Lanner Inc IAC-AST2500A standard firmware version 1.00.0 Description: The issue allows an attacker to perform Man-in-the-Middle (MitM) attacks, even when an HTTPS connection is present, due to the use of a hard-coded TLS certificate by default...
ORing Net IAP-420+ Security Vulnerability
The ORing Net IAP-420+ is a wireless access point from China Power ORing. A security vulnerability exists in the ORing Net IAP-420+ version 2.0m, which stems from a telnet server that is enabled by default and cannot be permanently disabled, which can be used to connect to the device and obtain a...
CVE-2022-42176
In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access...