8149 matches found
CVE-2022-38823
In TOTOLINK T6 V4.1.5cu.709B20210518, there is a hard coded password for root in /etc/shadow.sample...
PT-2022-6643 · Unknown · Diaenergie
Name of the Vulnerable Software and Affected Versions: DIAEnergie versions prior to 1.9.03.009 Description: The issue is related to the use of hard-coded credentials in the DIAEnergie industrial energy management system. This allows a remote attacker to execute arbitrary code by uploading...
Exploit for Use of Hard-coded Credentials in Automationanywhere Automation_360
CVE-2022-29856-PoC Minimal...
PT-2022-23237 · Contec · Contec Fxa3200
Name of the Vulnerable Software and Affected Versions: Contec FXA3200 versions 1.13 and under Description: The issue concerns a hard-coded hash password for the root user stored in the /etc/shadow component. This password is weak and can be cracked in a few minutes. Once the password is obtained,...
CVE-2022-38394
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...
CVE-2022-38394
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...
CVE-2022-38394
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...
CVE-2022-38394
CVE-2022-38394 affects CentreCOM AR260S V2 firmware prior to 3.3.7. The telnet service uses hard-coded credentials, enabling a remote unauthenticated attacker to execute arbitrary OS commands. Affected product is CentreCOM AR260S V2; remediation is to update to firmware 3.3.7 or later and/or disa...
CVE-2022-38394
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...
TOTOLINK A860R /etc/shadow.sample hardcoded vulnerability
TOTOLINK A860R is a dual-band wireless router with a maximum transmission rate of 1200Mbps, 6-antenna dual-band concurrent technology, and support for remote management by mobile APP, which is suitable for small and medium-sized enterprises and home network environments. The TOTOLINK A860R suffer...
CVE-2022-37841
In TOTOLINK A860R V4.1.2cu.5182B20201027 there is a hard coded password for root in /etc/shadow.sample...
CVE-2022-37841
In TOTOLINK A860R V4.1.2cu.5182B20201027 there is a hard coded password for root in /etc/shadow.sample...
PT-2022-24110 · Totolink · Totolink A860R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A860R version 4.1.2cu.5182 B20201027 Description: The issue concerns a hard-coded password for the root user, located in the /etc/shadow.sample file. Recommendations: For TOTOLINK A860R version 4.1.2cu.5182 B20201027, consider changi...
TOTOLINK A860R 信任管理问题漏洞
TOTOLINK A860R is a dual-band wireless router with a maximum transmission rate of 1200Mbps, 6-antenna dual-band concurrent technology, and support for remote management by mobile APP, which is suitable for small and medium-sized enterprises and home network environments. The TOTOLINK A860R suffer...
Multiple vulnerabilities in Contec FLEXLAN FX3000 and FX2000 series
Overview FLEXLAN FX3000 and FX2000 series provided by Contec Co., Ltd. contain multiple vulnerabilities listed below. Hidden Functionality CWE-912 - CVE-2022-36158 Use of Hard-coded Credentials CWE-798 - CVE-2022-36159 Thomas J. Knudsen and Samy Younsi of Necrum Security Labs reported these...
Contec Health CMS8000 Patient Monitor (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Contec Health Equipment: CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor Vulnerabilities: Improper Access Control, Uncontrolled Resource Consumption, Use of Hard-Coded Credentials, Active Debug Code 2. RISK EVALUATION...
CVE-2022-36672
Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session...
CVE-2022-36672
Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session...
CVE-2022-36672
Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session...
CVE-2022-36672
Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session...