CVE-2022-0664

Summary: CVE-2022-0664 addresses a vulnerability inNetmaker where a hard-coded cryptographic key is used by the Go implementation (github.com/gravitl/netmaker) prior to versions 0.8.5, 0.9.4, 0.10.0, and 0.10.1. Affected software: Netmaker (Go component) on versions before the listed fixed releas...

Gravitl Netmaker 安全漏洞

Gravitl Netmaker is a platform for creating and managing fast, secure and dynamic virtual overlay networks using WireGuard from Gravitl USA. for creating and controlling automated virtual networks. Gravitl Netmaker has a security vulnerability that stems from the use of hard-coded encryption keys...

PT-2022-16161

Name of the Vulnerable Software and Affected Versions Netmaker versions prior to 0.8.5 Netmaker versions prior to 0.9.4 Netmaker versions prior to 0.10.0 Description The issue is related to a hard-coded cryptographic key in the code base of Netmaker, a platform for creating and managing virtual...

Gravitl Netmaker安全漏洞

Gravitl Netmaker is a platform for creating and managing fast, secure and dynamic virtual overlay networks using WireGuard from Gravitl USA. for creating and controlling automated virtual networks. Gravitl Netmaker has a security vulnerability that stems from the use of hard-coded encryption keys...

PT-2022-13342

Name of the Vulnerable Software and Affected Versions Netmaker versions prior to 0.8.5 Netmaker versions prior to 0.9.4 Netmaker versions prior to 0.10.0 Netmaker versions prior to 0.10.1 Description The issue is related to the use of a hard-coded cryptographic key in Netmaker. This could...

CVE-2021-46247

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00...

CVE-2021-46247

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00...

CVE-2021-46247

The CVE-2021-46247 entry concerns the ASUS CMAX6000 v1.02.00 4x4 dual‑band WiFi cable modem router. The root cause cited across connected documents is a hard‑coded cryptographic key, enabling an attacker to recover encrypted data. The vulnerability affects the device’s ability to keep data confid...

Asus CMAX6000 安全漏洞

The ASUS Cmax6000 is a 4x4 dual-band Wifi cable modem router from Asus China. A security vulnerability exists in ASUS CMAX6000 v1.02.00, which can be exploited by an attacker to recover encrypted data via a hard-coded key...

BSA-2021-1722

Security Advisory ID : BSA-2021-1722 Component : hard-coded credentials Revision : 1.0 Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x contain documented hard-coded credentials, which could allow attackers to gain access to the...

Brocade Fabric OS 信任管理问题漏洞

Brocade Fabric OS FOS is a set of embedded operating systems used in devices such as switches and routers from Brocade USA. Brocade Fabric OS suffers from a trust management issue vulnerability that can be exploited by an attacker to bypass Brocade Fabric OS restrictions by hard-coding credential...

PHPGurukul Dairy Farm Shop Management System 信任管理问题漏洞

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . A hard-coded vulnerability exists in the Dairy Farm Shop Management System, which stems from hard-coded credentials in the code that can be exploited by an attacker to access the control panel...

CVE-2022-22813

A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the TLS cryptographic key and take active control of the Courier tunneling communication network, they could potentially observe and manipulate traffic associated with product configuration...

Hardcoded credentials

A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the TLS cryptographic key and take active control of the Courier tunneling communication network, they could potentially observe and manipulate traffic associated with product configuration...

CVE-2022-22813

CVE-2022-22813 describes a CWE-798 hard-coded credentials issue in Schneider Electric Easergy P40 devices, where if an attacker obtains the TLS cryptographic key and takes control of the Courier tunneling/communication network, they could observe and manipulate product configuration traffic. Affe...

PT-2022-6633 · Schneider Electric · Schneider Electric Easergy P40

Name of the Vulnerable Software and Affected Versions: Schneider Electric Easergy P40 affected versions not specified Description: A Use of Hard-coded Credentials issue exists, potentially allowing an attacker to observe and manipulate traffic associated with product configuration if they obtain...

Siemens SICAM TOOLBOX II (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM TOOLBOX II Vulnerability: Use of Hard-coded Credentials 2. UPDATE INFORMATION This advisory update is a follow-up to the original advisory titled ICSA-22-041-05 SICAM TOOLBOX II...

Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU Use of Hard-Coded Credentials (CVE-2019-14926)

An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Hard- coded SSH keys allow an attacker to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on initial installation or with firmware...

Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU Use of Hard-Coded Credentials (CVE-2019-14930)

An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Undocumented hard-coded user passwords for root, ineaadmin, mitsadmin, and maint could allow an attacker to gain unauthorised access to the RTU. Also, the accounts ineaadmin and mitsadm...

Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Hard-Coded Cryptographic Key (CVE-2020-6990)

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...