Hardcoded credentials

In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access...

CVE-2022-42176

PCSecure V5.0.8.xw by PCTechSoft is affected by hard-coded credentials in configuration files, allowing local access to the admin panel. The linked exploit/documentation shows credentials stored in a plaintext system.bmp within the configuration, enabling a local user to log in as administrator. ...

PCTechSoft PCSecure 信任管理问题漏洞

PCTechSoft PCSecure is a personal computer security software from PCTechSoft. A security vulnerability exists in PCTechSoft PCSecure version V5.0.8.xw that stems from the use of hard-coded credentials in configuration files...

Abode Iota 信任管理问题漏洞

Abode Iota is a reliable Diy home security system from Abode. A trust management issue vulnerability exists in Abode Iota version 6.9Z, which stems from the presence of a hard-coded password in the telnet function, and can be exploited by an attacker to execute arbitrary commands using a hard-cod...

CVE-2022-42176

In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access...

PT-2022-26299 · Pctechsoft · Pcsecure

Name of the Vulnerable Software and Affected Versions: PCTechSoft PCSecure version 5.0.8.xw Description: The issue is related to the use of hard-coded credentials in configuration files, which can lead to unauthorized access to the admin panel. Recommendations: For PCTechSoft PCSecure version...

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory* authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1554 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory authentication bypass vulnerability October 20, 2022 CVE Number CVE-2022-29477 SUMMARY An authentication bypass vulnerability exists in the web interface /action/factory...

Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability

Talos Vulnerability Report TALOS-2022-1569 Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability October 20, 2022 CVE Number CVE-2022-29889 SUMMARY A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One...

CVE-2022-42176

In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access...

CVE-2022-41540

The web app client of TP-Link AX10v1 V1211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attac...

CVE-2022-41540

The web app client of TP-Link AX10v1 V1211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attac...

PT-2022-6112 · Tp Link · Tp-Link Ax10V1

Name of the Vulnerable Software and Affected Versions: TP-Link AX10v1 version V1 211117 Description: The web app client of TP-Link AX10v1 uses hard-coded cryptographic keys when communicating with the router. This allows attackers to obtain the sequence key via a brute-force attack if they can...

TP-LINK AX10 信任管理问题漏洞

The TP-LINK AX10 is a router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK AX10 version V12111117, which originates from the use of hard-coded encryption keys by web application clients when communicating with the router. An attacker could use this vulnerability to obtain...

CVE-2022-41540

The web app client of TP-Link AX10v1 V1211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attac...

CVE-2022-38420

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

CVE-2022-38420

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

CVE-2022-38420 Adobe ColdFusion Use of Hard-coded Credentials Application denial-of-service

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

CVE-2022-38420 Adobe ColdFusion Use of Hard-coded Credentials Application denial-of-service

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

CVE-2022-38420

CVE-2022-38420 affects Adobe ColdFusion Update 14 and earlier, and Update 4 and earlier. It is a Use of Hard-coded Credentials vulnerability that could cause application denial-of-service by granting access to start/stop arbitrary services; exploitation does not require user interaction. Widely c...

EUVD-2022-41005

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...