Hardcoded credentials

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...

CVE-2021-33220

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist...

CVE-2021-33219

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...

CVE-2021-33219

CVE-2021-33219 affects CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The vulnerability is caused by a hard-coded web application administrator password for the accounts named admin and nplus1user , described as an undocumented administrative-level credential that cannot be changed by the c...

CVE-2021-32535

The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote attackers to obtain administrator’s permission and execute arbitrary functions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...

CVE-2021-32525

The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to access the control interface with the administrator’s credential, entering the hard-coded password of the debug mode to execute the restricted system instructions. The referred vulnerability has been...

CVE-2021-32520

Use of hard-coded cryptographic key vulnerability in QSAN Storage Manager allows attackers to obtain users’ credentials and related permissions. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

CVE-2021-32525

The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to access the control interface with the administrator’s credential, entering the hard-coded password of the debug mode to execute the restricted system instructions. The referred vulnerability has been...

Hardcoded credentials

Use of hard-coded cryptographic key vulnerability in QSAN Storage Manager allows attackers to obtain users’ credentials and related permissions. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

CVE-2021-32535

QSAN SANOS contains a hard-coded default-credentials flaw that allowed unauthenticated remote attackers to gain administrator privileges and execute arbitrary functions. A fix is available in SANOS v2.1.0. The vulnerability is documented across multiple sources (NVD, CVE, CVE List) with high to c...

CVE-2021-32525 QSAN Storage Manager - Use of Hard-coded Password-2

The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to access the control interface with the administrator’s credential, entering the hard-coded password of the debug mode to execute the restricted system instructions. The referred vulnerability has been...

CVE-2021-32525

The CVE-2021-32525 issue affects QSAN Storage Manager (QSAN NAS OS) with hard-coded credentials in firmware up to version 3.3.1 (build 202101041800). The root cause is a hard-coded administrator credential in the debug mode password, allowing remote actors to access the control interface and exec...

CVE-2021-32521 QSAN Storage Manager, XEVO, SANOS - Use of Hard-coded Password

Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

CVE-2021-32520

The CVE-2021-32520 entry concerns QSAN Storage Manager (QSAN NAS OS) and a hard-coded cryptographic key vulnerability. The root cause is use of a hard-coded encryption key, which could allow an attacker to obtain user credentials and related permissions. The available documents consistently descr...

CVE-2021-33218

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access...

CVE-2021-33218

CVE-2021-33218 affects CommScope Ruckus IoT Controller

QSAN Storage Manager 信任管理问题漏洞

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. A hard-coded credentials vulnerability exists in QSAN Storage Manager version 3.3.1 build 202101041800 and prior versions. An attacker can exploit this vulnerability to open the control interface via the...

QSAN SANOS 信任管理问题漏洞

QSAN SANOS is the SAN storage management operating system from QSAN China. It comes with a refreshingly simple and easy-to-use Web GUI and can be easily deployed into any infrastructure. A trust management issue vulnerability exists in QSAN SANOS, which stems from the presence of hard-coded defau...

QSAN Storage Manager 信任管理问题漏洞

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. A security vulnerability exists in QSAN Storage Manager that stems from the use of a hard-coded encryption key vulnerability that could be exploited by an attacker to gain access to user credentials and...

Joomla! 代码问题漏洞

Joomla! is a set of forum components used in the Joomla! content management system. A code issue vulnerability exists in Joomla! 2.5.0 - 3.9.27. The vulnerability stems from a hard-coded ACL check for superuser missing from the install operation in cominstaller, which can be exploited to execute...