CVE-2021-36312

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system...

CVE-2021-36312

CVE-2021-36312 concerns Dell EMC CloudLink, affecting 7.1 and earlier. A hard-coded password vulnerability exists in CloudLink that could allow a remote, high-privileged attacker to gain unauthorized access to affected systems. The issue is documented across multiple sources (NVD entry and CNVD/C...

CVE-2021-36312

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system...

The vulnerability of the microprogrammed logic controller ioLogik’s software, related to hard-coding passwords, allows a intruder to escalate their privileges and execute arbitrary code.

The vulnerability of the microprogrammed logic controller ioLogik software relates to the rigid encoding of passwords. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code remotely...

The vulnerability of the serial interface converter NPort IAW5250A-6I/O lies in the use of a hard-coded cryptographic key, which allows a hacker to modify the device’s firmware.

The vulnerability of the NPort IAW5250A-6I/O serial interface converter is related to the use of a rigidly encoded cryptographic key. Exploiting this vulnerability could allow an attacker to modify the device’s firmware remotely...

Dell EMC CloudLink 安全漏洞

Dell EMC CloudLink is a flexible data encryption and key management solution for data encryption in public, private, and hybrid cloud environments.A hard-coded password vulnerability exists in Dell EMC CloudLink 7.1 and earlier versions. An attacker could exploit this vulnerability to gain...

Philips IntelliBridge EC 40 and EC 80 Hub

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Low attack complexity Vendor: Philips Equipment: IntelliBridge EC 40 and EC 80 Hub Vulnerabilities: Use of Hard-coded Credentials, Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of these...

CVE-2021-40519

Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials...

CVE-2021-40519

Airangel HSMX Gateway devices prior to version 5.2.04 have hard-coded PostgreSQL database credentials embedded in the configuration file, according to multiple sources. This root cause allows an attacker to connect to the HSMX database over the network, potentially enabling unauthorized access to...

CVE-2021-40519

Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials...

Airangel Hsmx Gateway 信任管理问题漏洞

Airangel Hsmx Gateway is a platform from Airangel UK, Inc. A hard-coded credential vulnerability exists in versions of Airangel Hsmx Gateway prior to 5.2.04, which stems from the use of PostgreSQL database credentials hard-coded in the configuration file. An attacker could steal this credential t...

CVE-2021-43575

KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to securely store cryptographic...

CVE-2021-43575

KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to securely store cryptographic...

CVE-2021-43575

KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to securely store cryptographic...

CVE-2021-43575

CVE-2021-43575 affects KNX ETS6 up to version 6.0.0, where a hard-coded password (ETS5Password) and a salt (Ivan Medvedev) enable local users to read project information. This mirrors CVE-2021-36799 for ETS5, and Red Hat entries confirm the vulnerability details and vendor dispute over cryptograp...

PT-2021-23880 · Knx Ets · Knx Ets

Name of the Vulnerable Software and Affected Versions: KNX ETS versions 6.0.0 and earlier Description: The issue allows local users to read project information due to the use of a hard-coded password ETS5Password with a salt value of Ivan Medvedev. This is similar to a previously identified issue...

Ets5 Password Recovery 信任管理问题漏洞

Ets5 Password Recovery is an open source Poc for CVE-2021-36799 by Robert Gutzkow Individual Developer. Ets5 Password Recovery suffers from a trust management issue vulnerability that stems from the software's use of the hard-coded password ETS5Password with a salt value of Ivan Medvedev, which...

FORT-validator 安全漏洞

FORT-validator is an RPKI validator and RTR server that is part of the FORT project. FORT-validator has a security vulnerability that stems from the lack of an effective trust management mechanism in a networked system or product. An attacker can exploit default or hard-coded passwords, hard-code...

LPAR2RRD 安全漏洞

Xorux LPAR2RRD is a server monitoring tool from the Czech company Xorux. A security vulnerability exists in lpar2rrd, which stems from the fact that lpar2rrd is a hard-coded system account in XoruX lpar2rrd and STOR2RRD before 7.30...

VulnCheck KEV: CVE-2020-8657

EyesOfNetwork contains a use of hard-coded credentials vulnerability, as it uses the same API key by default. Exploitation allows an attacker to calculate or guess the admin access token...