Lucene search

8143 matches found

ATTACKERKB
added 2021/12/21 12:00 a.m. | 13 views

CVE-2021-44207

Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. Recent assessments: Assessed Attacker Value: 0...

8.1 CVSS | 7.3 AI score | 0.08924 EPSS
In wild | Exploits 0 | References 3

NVD
added 2021/12/16 7:15 p.m. | 11 views

CVE-2021-41028

A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...

8.2 CVSS | 0.00145 EPSS
Exploits 0 | References 1

OSV
added 2021/12/16 7:15 p.m. | 1 view

CVE-2021-41028

A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...

7.5 CVSS | 5.8 AI score
Exploits 0 | References 1

CVE
added 2021/12/16 6:13 p.m. | 62 views

CVE-2021-41028

CVE-2021-41028 affects Fortinet FortiClient EMS up to 7.0.1 (and 6.4.6 and below) and FortiClient components for Windows, Linux, and macOS up to 7.0.1 and 6.4.6 and below. The root causes are a hard-coded cryptographic key in FortiClientEMS and improper certificate validation in FortiClient clien...

8.2 CVSS | 7.4 AI score | 0.00145 EPSS
Exploits 0 | References 1 | Affected Software 2

Vulnrichment
added 2021/12/16 6:13 p.m. | 11 views

CVE-2021-41028

A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...

8.2 CVSS | 6.8 AI score | 0.00145 EPSS
Exploits 0 | References 1

CNNVD
added 2021/12/16 12:00 a.m. | 3 views

Xylem AquaView Trust Management Issue Vulnerability

Xylem AquaView is a next-generation SCADA system from Xylem USA, Inc. to meet the needs of water and wastewater related professionals for a simpler, more personalized way to be able to monitor, control, and optimize their assets anytime, anywhere, from any device. A trust management issue...

9.3 CVSS | 7.9 AI score | 0.00038 EPSS
Exploits 0 | References 6

ICS
added 2021/12/16 12:00 a.m. | 53 views

Xylem AquaView

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Low attack complexity Vendor: Xylem, Inc. Equipment: AquaView Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated local attacker to create users, delete users,...

9.3 CVSS | 8.9 AI score | 0.00038 EPSS
Exploits 0 | References 4

CNNVD
added 2021/12/10 12:00 a.m. | 2 views

Dell PowerPath Management Appliance Security Vulnerability

The Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. A security vulnerability exists in the Dell PowerPath Management Appliance, which can be exploited ...

8.2 CVSS | 6.7 AI score | 0.00034 EPSS
Exploits 0 | References 3

Huntr
added 2021/12/09 7:07 p.m. | 9 views

Inclusion of Sensitive Information in Source Code in pimcore/demo

Description: API keys are hard coded in the application source code. The use of a hard-coded API key has many negative implications. Proof of Concept: "security" = "method" = "datahubapikey", "apikey" = "6332aa5e6d3d6c0be31da2a8b3442113", "skipPermissionCheck" = FALSE...

0.8 AI score
Exploits 0

CNVD
added 2021/12/09 12:00 a.m. | 14 views

Fortinet FortiOS Trust Management Issue Vulnerability (CNVD-2021-100290)

Fortinet FortiOS is a security operating system from Fortinet, Inc. that is designed to be used on the FortiGate network security platform. A security vulnerability exists in Fortinet FortiOS, which stems from the use of hard-coded encryption keys that could allow an attacker to retrieve the keys...

7.5 CVSS | 2.1 AI score | 0.00311 EPSS
Exploits 0 | References 1

OSV
added 2021/12/08 1:15 p.m. | 2 views

CVE-2021-26108

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

7.5 CVSS | 7.1 AI score | 0.00311 EPSS
Exploits 0 | References 1

Prion
added 2021/12/08 1:15 p.m. | 13 views

Hardcoded credentials

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

5 CVSS | 7.4 AI score | 0.00311 EPSS
Exploits 0 | References 1 | Affected Software 1

Vulnrichment
added 2021/12/08 12:16 p.m. | 10 views

CVE-2021-26108

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

7.5 CVSS | 6.7 AI score | 0.00311 EPSS
Exploits 0 | References 1

CNNVD
added 2021/12/08 12:00 a.m. | 2 views

Fortinet FortiOS Trust Management Issue Vulnerability

Fortinet FortiOS is a security operating system from Fortinet, Inc. that is designed to be used on the FortiGate network security platform. A security vulnerability exists in Fortinet FortiOS, which stems from the use of hard-coded encryption keys that could allow an attacker to retrieve the keys...

7.5 CVSS | 5.7 AI score | 0.00311 EPSS
Exploits 0 | References 5

Fortinet
added 2021/12/07 12:00 a.m. | 33 views

Protect

A use of hard-coded cryptographic key vulnerability CWE 321 in FortiOS SSLVPN may allow an attacker to retrieve the key by reverse engineering...

5 CVSS | 7.2 AI score | 0.00311 EPSS
Exploits 0 | Affected Software 1

Positive Technologies
added 2021/12/07 12:00 a.m. | 3 views

PT-2021-22288

Name of the Vulnerable Software and Affected Versions: Raspberry Pi OS versions through 5.10. Description: The issue concerns a hard-coded password in Raspberry Pi OS. If the default password for the pi account is not changed, attackers can gain administrator privileges. Recommendations: For Raspberr...

10 CVSS | 8.2 AI score | 0.29732 EPSS
Exploits 3 | References 17

NVD
added 2021/11/26 5:15 p.m. | 11 views

CVE-2021-26611

HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera (reboot, factory reset, snapshot, etc.)...

9.8 CVSS | 0.00704 EPSS
Exploits 0 | References 1

OSV
added 2021/11/26 5:15 p.m. | 2 views

CVE-2021-26611

HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera (reboot, factory reset, snapshot, etc.)...

9.8 CVSS | 5.8 AI score | 0.00704 EPSS
Exploits 0 | References 1

Cvelist
added 2021/11/26 4:31 p.m. | 15 views

CVE-2021-26611 HejHome IP Camera use of hard-coded credentials vulnerability

HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera (reboot, factory reset, snapshot, etc.)...

8.1 CVSS | 9.6 AI score | 0.00704 EPSS
Exploits 0 | References 1

CVE
added 2021/11/26 4:31 p.m. | 46 views

CVE-2021-26611

CVE-2021-26611 affects the HejHome GKW-IC052 IP Camera, where hard-coded credentials enable remote attackers to operate the device (reboot, factory reset, snapshot, etc.). The available sources consistently describe this as a hard-coded credentials vulnerability impacting the IP camera, treated a...

9.8 CVSS | 8.9 AI score | 0.00704 EPSS
Exploits 0 | References 1 | Affected Software 1