CVE-2022-30234

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

Hardcoded credentials

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

CVE-2022-30234

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

CVE-2022-30234

CVE-2022-30234 affects Schneider Electric Wiser Smart devices (EER21000/EER21001, v4.5 and prior). Root cause: CWE-798—Use of Hard-coded Credentials. Impact per the entry: potential arbitrary code execution when root access is obtained, i.e., full compromise of affected OT asset. CVSSv3.1 base sc...

CVE-2022-31460

Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value...

Hardcoded credentials

Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value...

CVE-2022-31460

CVE-2022-31460 affects Owl Labs Meeting Owl Pro and Whiteboard Owl devices (version 5.2.0.15). The issue enables activation of Tethering Mode using hard-coded hoothoot credentials, via a specific value, allowing an attacker in proximity to cause the device to expose a rogue access point and poten...

CVE-2022-29730

USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36 was discovered to contain hard-coded credentials for its highest privileged account. The credentials cannot be altered through normal operation of the device...

CVE-2022-29730

USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36 was discovered to contain hard-coded credentials for its highest privileged account. The credentials cannot be altered through normal operation of the device...

CVE-2022-29730

USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36 was discovered to contain hard-coded credentials for its highest privileged account. The credentials cannot be altered through normal operation of the device...

Schneider Electric PowerLogic ION Setup 信任管理问题漏洞

Schneider Electric PowerLogic ION Setup is a free, user-friendly configuration tool from Schneider Electric France. It provides an intuitive environment for setting up and verifying the settings of PowerLogic meters and other devices. Schneider Electric is vulnerable to a trust management issue...

LinkPlay Sound Bar 信任管理问题漏洞

LinkPlay Sound Bar is a speaker from LinkPlay USA. A trust management issue vulnerability exists in LinkPlay Sound Bar v1.0. An attacker could exploit this vulnerability to elevate privileges via a hard-coded password via an SSL certificate...

Owl Labs Meeting Owl 信任管理问题漏洞

Owl Labs Meeting Owl is a video conferencing device from Owl Labs, Inc. Owl Labs Meeting Owl version 5.2.0.15 is vulnerable to a trust management issue, which could be exploited by an attacker to activate network sharing mode using hard-coded hoothoot credentials via a certain c 150 value...

CVE-2022-29730

USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36 was discovered to contain hard-coded credentials for its highest privileged account. The credentials cannot be altered through normal operation of the device...

CVE-2021-33014

An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

CVE-2021-33014

An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

CVE-2021-33016

An attacker can gain full access read/write/delete to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

CVE-2021-33016

An attacker can gain full access read/write/delete to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

Hardcoded credentials

An attacker can gain full access read/write/delete to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

CVE-2021-33014

CVE-2021-33014 describes a hard-coded credentials issue in KUKA KR C4 and KSS, allowing an attacker to gain VxWorks Shell after login on versions prior to 8.7 (KR C4) or any product running KSS. Technical details in connected documents confirm the root cause (hard-coded credentials) and the impac...