8096 matches found

OSV
added 2021/07/06 11:15 a.m. | 1 view

CVE-2021-24005

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key...

7.5 CVSS | 7.1 AI score
Exploits 0 | References 1
Prion
added 2021/07/06 11:15 a.m. | 10 views

Hardcoded credentials

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key...

5 CVSS | 7.5 AI score | 0.00127 EPSS
Exploits 0 | References 1 | Affected Software 1
Vulnrichment
added 2021/07/06 10:56 a.m. | 3 views

CVE-2021-24005

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key...

4 CVSS | 5.4 AI score | 0.00127 EPSS
Exploits 0 | References 1
CVE
added 2021/07/06 10:56 a.m. | 43 views

CVE-2021-24005

FortiAuthenticator is affected by CVE-2021-24005 due to use of hard-coded cryptographic keys to encrypt configuration files and debug logs. The root cause is the presence of a hard-coded key that can allow an attacker with access to the files or CLI configuration to decrypt sensitive data. Affect...

7.5 CVSS | 7.4 AI score | 0.00127 EPSS
Exploits 0 | References 1 | Affected Software 1
NVD
added 2021/06/29 3:15 p.m. | 11 views

CVE-2021-31505

This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...

7.2 CVSS | 0.00314 EPSS
Exploits 0 | References 2
OSV
added 2021/06/29 3:15 p.m. | 1 view

CVE-2021-31505

This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...

6.8 CVSS | 6.1 AI score
Exploits 0 | References 2
CVE
added 2021/06/29 2:33 p.m. | 46 views

CVE-2021-31505

The CVE-2021-31505 entry affects Arlo Q Plus with firmware 1.9.0.3_278, where attackers with physical access can escalate privileges via the SSH service. The vulnerability allows the device to boot into a special operation mode that accepts hard-coded SSH credentials, enabling privilege escalatio...

7.2 CVSS | 6.8 AI score | 0.00314 EPSS
Exploits 0 | References 2 | Affected Software 1
CNVD
added 2021/06/29 12:0 a.m. | 5 views

Weidmueller Industrial WLAN devices trust management issue vulnerability (CNVD-2021-48133)

Weidmueller Industrial WLAN devices are industrial WLAN devices from Weidmueller, Germany. They have a trust management issue vulnerability, which stems from the use of hard-coded keys in the service agent binary and can be exploited by an attacker to decrypt captured traffic from ...

7.5 CVSS | 6.8 AI score | 0.0028 EPSS
Exploits 0 | References 1
OSV
added 2021/06/25 7:15 p.m. | 1 view

CVE-2021-33531

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can...

8.8 CVSS | 5.8 AI score | 0.00239 EPSS
Exploits 0 | References 1
NVD
added 2021/06/25 7:15 p.m. | 11 views

CVE-2021-33531

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can...

9 CVSS | 0.00239 EPSS
Exploits 0 | References 1
OSV
added 2021/06/25 7:15 p.m. | 3 views

CVE-2021-33529

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device...

7.5 CVSS | 5.8 AI score | 0.0028 EPSS
Exploits 0 | References 1
CVE
added 2021/06/25 6:25 p.m. | 72 views

CVE-2021-33531

The CVE-2021-33531 entry describes a vulnerability in Weidmueller Industrial WLAN devices where an undisclosed/undocumented encryption password enables hard-coded credentials in the device OS, allowing an attacker with low privileges to execute custom diagnostic scripts by sending them authentica...

9 CVSS | 8.7 AI score | 0.00239 EPSS
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2021/06/25 6:25 p.m. | 15 views

CVE-2021-33531 WEIDMUELLER: WLAN devices affected by Hard-coded Credentials vulnerability

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can...

8.8 CVSS | 8.8 AI score | 0.00239 EPSS
Exploits 0 | References 1
Cvelist
added 2021/06/25 6:25 p.m. | 11 views

CVE-2021-33529 WEIDMUELLER: WLAN devices affected by Hard-coded Credentials vulnerability

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device...

7.5 CVSS | 7.8 AI score | 0.0028 EPSS
Exploits 0 | References 1
CNNVD
added 2021/06/25 12:0 a.m. | 1 view

Weidmueller Industrial WLAN Trust Management Issue Vulnerability

Weidmueller Industrial WLAN devices are industrial WLAN devices from Weidmueller, Germany. They have a trust management issue vulnerability, which stems from the use of hard-coded keys in the service agent binary and can be exploited by an attacker to decrypt captured traffic from ...

7.5 CVSS | 5.6 AI score | 0.0028 EPSS
Exploits 0 | References 1
OSV
added 2021/06/18 3:15 a.m. | 1 view

CVE-2021-34812

Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors...

7.5 CVSS | 7.2 AI score | 0.00402 EPSS
Exploits 0 | References 1
NVD
added 2021/06/18 3:15 a.m. | 9 views

CVE-2021-34812

Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors...

7.5 CVSS | 0.00402 EPSS
Exploits 0 | References 1
Prion
added 2021/06/18 3:15 a.m. | 10 views

Hardcoded credentials

Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors...

5 CVSS | 7.3 AI score | 0.00402 EPSS
Exploits 0 | References 1 | Affected Software 1
CVE
added 2021/06/18 3:0 a.m. | 73 views

CVE-2021-34812

CVE-2021-34812 affects Synology Calendar: a vulnerability in the PHP component where hard-coded credentials allow remote attackers to obtain sensitive information. It is exploitable on Synology Calendar versions before 2.4.0-0761. Remediation is to upgrade to 2.4.0-0761 or later. Exploitation sta...

7.5 CVSS | 7.2 AI score | 0.00402 EPSS
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2021/06/18 3:0 a.m. | 16 views

CVE-2021-34812

Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors...

5.8 CVSS | 7.5 AI score | 0.00402 EPSS
Exploits 0 | References 1