Schneider Electric Quantum Ethernet Module Hard-Coded Credentials (CVE-2011-4859)

The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2 modules, uses hardcoded passwords for the 1 AUTCSE, 2 AUTCSE, 3 fdrusers, 4...

Schneider Electric Modicon M221 PLCs and SoMachine Basic Use of Hard-Coded Cryptographic Key (CVE-2017-7574)

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded- key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML...

CVE-2022-22722

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to the product they could potentially observe and...

CVE-2022-22722

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to the product they could potentially observe and...

CVE-2022-22722

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to the product they could potentially observe and...

CVE-2022-22722

The CVE-2022-22722 vulnerability affects Schneider Electric Easergy P5 (and related P3 issues) with a root cause of hard-coded credentials that could enable an attacker who gains SSH access to observe and manipulate device-config traffic, potentially leading to information disclosure and control ...

Advantech ADAM-3600

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: ADAM-3600 Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized access to intercept traffic...

Advantech 信任管理问题漏洞

Advantech, an application of Advantech China, provides intelligent electric bus management systems. A trust management issue vulnerability exists in Advantech ADAM-3600, which stems from a hard-coded private key available in the project folder, and can be exploited by an attacker to achieve Web...

Online Course Registration 信任管理问题漏洞

Online Course Registration is a PHP and MySQL based online course registration system from the PHPGurukul Phpgurukul team. A trust management issue vulnerability exists in Online Course Registration, which stems from hard-coded certificates included in the product source code, and can be exploite...

CVE-2022-22560

Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline...

PrinterLogic Web Stack 信任管理问题漏洞

PrinterLogic Web Stack PrinterLogic Printer Installer is a native web application from PrinterLogic, Inc. Enables It departments to manage and automate the creation/dissemination of Printer Objects and Printer Drivers across print environments from a single management console. A trust management...

Reolink RLC-410W 信任管理问题漏洞

Reolink Rlc-410W is a Wifi security camera from Reolink China.A security vulnerability exists in the TLS hard-coded key of Reolink RLC-410W v3.0.0.13620121102, which can be exploited by attackers to obtain sensitive information...

Bromite 安全漏洞

Bromite is a Chromium fork. It is used for adblocking and privacy enhancement. Bromite has a security vulnerability that stems from the fact that Bromite comes with a hard-coded adblock filter, with versions recognized by the rules it has...

ADOdb 授权问题漏洞

ADOdb is a PHP database library that provides a powerful abstraction for performing queries and managing databases. A security vulnerability exists in ADOdb that stems from the lack of an effective trust management mechanism in a networked system or product. An attacker can leverage default or...

MingSoft Mcms Trust Management Issue Vulnerability

MingSoft Mcms is a complete open source J2ee system from MingSoft, China. v5.2.4 of MingSoft Mcms contains a security vulnerability that stems from the existence of a hard-coded shiro-key in the software, which can be exploited by attackers to execute arbitrary code...

CVE-2021-44464 Fresenius Kabi Agilia Connect Infusion System hard coded credentials

Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software...

MingSoft Mcms 信任管理问题漏洞

MingSoft Mcms is a complete open source J2ee system from MingSoft, China. v5.2.4 of MingSoft Mcms contains a security vulnerability that stems from the existence of a hard-coded shiro-key in the software, which can be exploited by attackers to execute arbitrary code...

CVE-2022-0131

Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

CVE-2022-0131

Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

CVE-2022-0131

Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...