8131 matches found

Prion
added 2021/07/21 3:15 p.m. · 23 views

Hardcoded credentials

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker t...

CVSS 10 · AI score 9.4 · EPSS 0.91564
Exploits 2 · References 1 · Affected Software 6
CVE
added 2021/07/21 10:44 a.m. · 51 views

CVE-2021-22730

The CVE-2021-22730 issue affects Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) where all versions before R8 V3.4.0.1 are vulnerable to CWE-798 (Use of Hard-coded Credentials). This could allow an attacker to gain unaut...

CVSS 10 · AI score 9.5 · EPSS 0.00346
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2021/07/21 10:44 a.m. · 17 views

CVE-2021-22730

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker to gain...

AI score 9.7 · EPSS 0.00346
Exploits 0 · References 1
CVE
added 2021/07/21 10:44 a.m. · 49 views

CVE-2021-22729

The CVE-2021-22729 entry affects Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) all versions prior to R8 V3.4.0.1. The root cause is CWE-259: Use of Hard-coded Password, enabling an attacker to gain unauthorized adminis...

CVSS 10 · AI score 9.5 · EPSS 0.00346
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2021/07/21 10:44 a.m. · 14 views

CVE-2021-22729

A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker to...

AI score 9.7 · EPSS 0.00346
Exploits 0 · References 1
CVE
added 2021/07/21 10:41 a.m. · 101 views

CVE-2021-22707

The CVE-2021-22707 entry describes a hard-coded credentials vulnerability in Schneider Electric EVlink devices (City, Parking, Smart Wallbox) with versions prior to R8 V3.4.0.1. The concrete details from connected sources (e.g., NUCLEI template) indicate an authentication bypass vulnerability tha...

CVSS 10 · AI score 9.4 · EPSS 0.91564
In wild · Exploits 2 · References 1 · Affected Software 1
ATTACKERKB
added 2021/07/21 12:0 a.m. · 120 views

CVE-2021-22707

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker t...

CVSS 10 · AI score 1.4 · EPSS 0.91564
Exploits 2 · References 2
Code423n4
added 2021/07/21 12:0 a.m. · 10 views

Router.removeLiquidityExact(uint256,address) has unchecked transfers

Handle: heiho1. Vulnerability details. Impact: Router.removeLiquidityExact(uint256,address) line 114 does not check the boolean return of a token transfer. This is a brittle implementation because it relies on the boolean return value being hard-coded to true. Tokens may not revert in case of failure a...

AI score 6.8
Exploits 0
OSV
added 2021/07/19 5:15 p.m. · 1 views

CVE-2021-36799

KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVSS 8.8 · AI score 5.8 · EPSS 0.00128
Exploits 0 · References 3
NVD
added 2021/07/19 5:15 p.m. · 9 views

CVE-2021-36799

KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVSS 8.8 · EPSS 0.00128
Exploits 0 · References 3
CVE
added 2021/07/19 4:31 p.m. · 83 views

CVE-2021-36799

CVE-2021-36799: KNX ETS5 through 5.7.6 uses a hard-coded password (ETS5Password) with a salt value (Ivan Medvedev), enabling local users to read project information. This vulnerability is limited to products no longer supported by the maintainer. No public remediation or patch details are provid...

CVSS 8.8 · AI score 6 · EPSS 0.00128
Exploits 0 · References 3 · Affected Software 1
Cvelist
added 2021/07/19 4:31 p.m. · 18 views

CVE-2021-36799

KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

AI score 6.4 · EPSS 0.00128
Exploits 0 · References 3
CNNVD
added 2021/07/19 12:0 a.m. · 1 views

KNX ETS5 Professional trust management issue vulnerability

KNX ETS5 Professional is an application software from KNX Corp., a manufacturer-independent configuration software tool for designing and configuring smart home and building controls using the KNX system. A trust management issue vulnerability exists in KNX ETS5 Professional that stems from the...

CVSS 8.8 · AI score 6.7 · EPSS 0.00128
Exploits 0 · References 4
Positive Technologies
added 2021/07/19 12:0 a.m. · 3 views

PT-2021-21366 · Knx Ets · Knx Ets

Name of the Vulnerable Software and Affected Versions: KNX ETS versions 5 through 5.7.6
Description: The issue allows local users to read project information due to the use of a hard-coded password ETS5Password with a salt value of Ivan Medvedev. This problem is specific to products that are no...

CVSS 8.8 · AI score 6.7 · EPSS 0.00128
Exploits 0 · References 9
Zero Day Initiative
added 2021/07/19 12:0 a.m. · 26 views

(0Day) WSO2 API Manager JMX Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of WSO2 API Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JMX RMI service, which listens on TCP port 11111 by default. The service contains a...

CVSS 9.8 · AI score 3.9
Exploits 0
CNNVD
added 2021/07/19 12:0 a.m. · 3 views

LearningDigital Orca HCM digital learning platform security vulnerability

LearningDigital Orca HCM digital learning platform is a digital learning platform from China-based LearningDigital. A security vulnerability exists in the Orca HCM digital learning platform, which stems from the platform's use of a weak factory default administrator password, which is hard-coded...

CVSS 10 · AI score 8.4 · EPSS 0.01802
Exploits 0 · References 3
OSV
added 2021/07/16 4:15 p.m. · 1 views

CVE-2021-35961

Dr. ID Door Access Control and Personnel Attendance Management system uses hard-coded admin default credentials that allow remote attackers to access the system through the default password and obtain the highest permission...

CVSS 9.8 · AI score 5.8
Exploits 0 · References 2
NVD
added 2021/07/16 4:15 p.m. · 11 views

CVE-2021-35961

Dr. ID Door Access Control and Personnel Attendance Management system uses hard-coded admin default credentials that allow remote attackers to access the system through the default password and obtain the highest permission...

CVSS 10 · EPSS 0.01583
Exploits 0 · References 2
OSV
added 2021/07/16 11:15 a.m. · 3 views

CVE-2021-21820

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability...

CVSS 9.8 · AI score 7.4
Exploits 0 · References 1
NVD
added 2021/07/16 11:15 a.m. · 18 views

CVE-2021-21820

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability...

CVSS 10 · EPSS 0.02001
Exploits 1 · References 1