8149 matches found
CVE-2022-22522 Hard-coded credentials in Carlo Gavazzi UWP3.0 allows for authentication bypass and full control of the device
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device...
CVE-2022-22522
CVE-2022-22522 affects Carlo Gavazzi UWP3.0 and CPY Car Park Server 2.8.3, where a remote, unauthenticated attacker could exploit hard-coded credentials to gain full access to the device. The vulnerability is described as trust/credential management issues enabling authentication bypass and full ...
Carlo Gavazzi UWP 信任管理问题漏洞
Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management and parking lot guidance. A trust management issue vulnerability exists in Carlo Gavazzi UWP 3.0, which can be exploited ...
Carlo Gavazzi UWP 信任管理问题漏洞
Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. It is used for applications such as building automation, energy efficiency performance management and parking lot guidance. A vulnerability with trust management issues exists in Carlo Gavazzi UWP version 3.0...
PT-2022-19252 · Carlo Gavazzi · Carlo Gavazzi Uwp3.0
Name of the Vulnerable Software and Affected Versions: Carlo Gavazzi UWP3.0 affected versions not specified CPY Car Park Server version 2.8.3 Description: A remote, unauthenticated attacker could use hard-coded credentials to gain SuperUser access to the device. This issue affects multiple versio...
PT-2022-15492 · Carlo Gavazzi · Carlo Gavazzi Uwp3.0
Name of the Vulnerable Software and Affected Versions: Carlo Gavazzi UWP3.0 affected versions not specified CPY Car Park Server version 2.8.3 Description: A remote, unauthenticated attacker could use hard-coded credentials to gain full access to the device. This issue affects Carlo Gavazzi UWP3.0...
CVE-2022-36159
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this credential, a malicious actor can access the Wireless LAN Manager interface an...
CVE-2022-36159
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this credential, a malicious actor can access the Wireless LAN Manager interface an...
Design/Logic Flaw
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this credential, a malicious actor can access the Wireless LAN Manager interface an...
CVE-2022-36159
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this credential, a malicious actor can access the Wireless LAN Manager interface an...
CVE-2022-36159
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this credential, a malicious actor can access the Wireless LAN Manager interface an...
CVE-2022-3214
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...
CVE-2022-3214
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...
CVE-2022-3214
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...
Hardcoded credentials
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...
CVE-2022-3214 Delta Electronics DIAEnergy Use of Hard-coded Credentials
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...
CVE-2022-3214
CVE-2022-3214 affects Delta Electronics DIAEnergie. Vulnerable in DIAEnergie before version 1.9.03.009 due to CWE-798 hard-coded credentials; an unauthenticated attacker could upload executables via a hard-coded bearer authorization, enabling remote code execution. CVSS v3.1 base score 9.8 (Netwo...
CVE-2022-38823
In TOTOLINK T6 V4.1.5cu.709B20210518, there is a hard coded password for root in /etc/shadow.sample...
Hardcoded credentials
In TOTOLINK T6 V4.1.5cu.709B20210518, there is a hard coded password for root in /etc/shadow.sample...
CVE-2022-38823
CVE-2022-38823 affects TOTOLINK T6 V4.1.5cu.709_B20210518, where a hard-coded root password is stored in /etc/shadow.sample. The vulnerability is described consistently across NVD, Red Hat, CVE feeds, and CNVD references, indicating a high-severity issue with CVSS 3.1 base score 9.8 (NETWORK atta...