CVE-2020-4932

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 191748...

Advantech WISE-PaaS/RMM 信任管理问题漏洞

Advantech WISE-PaaS/RMM is a remote monitoring and management platform for IoT devices from Advantech Taiwan, China.Advantech WISE-PaaS/RMM versions prior to 9.0.1 are vulnerable to a trust management issue that stems from the presence of hard-coded credentials in the dashboard. An unauthenticate...

IBM QRadar SIEM 信任管理问题漏洞

QRadar SIEM is an IBM enterprise security information and event management product that consolidates log event and network flow data from thousands of devices, endpoints and applications scattered across the network. A hard-coded credentials vulnerability exists in IBM QRadar SIEM versions 7.3 an...

Advantech WISE-PaaS RMM

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WISE-PaaS/RMM Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information...

IBM QRadar SIEM 信任管理问题漏洞

QRadar SIEM is an IBM enterprise security information and event management product that consolidates log event and network flow data from thousands of devices, endpoints and applications scattered across the network. A hard-coded credentials vulnerability exists in IBM QRadar SIEM versions 7.3 an...

INIM ELECTRONICS SmartLiving System 信任管理问题漏洞

INIM ELECTRONICS SmartLiving System is an application of the Italian company INIM ELECTRONICS. A SmartLiving System. A security vulnerability exists in INIM ELECTRONICS SmartLiving System that stems from the use of default hard-coded credentials...

CVE-2021-30165

The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices...

CVE-2021-30165

The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices...

CVE-2021-30165

CVE-2021-30165 affects EDIMAX wireless network cameras (e.g., IC-3140W) where the default administrator account and password are hard-coded. The root cause is a hard-coded credential that enables remote attackers to disassemble firmware and obtain privileged permissions, allowing potential full c...

CVE-2021-30165 EDIMAX Technology Co., Ltd. HD Wireless Day & Night Network Camera IC-3140W - Hard-coded password

The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices...

Security Bulletin: Static Credential Vulnerability in IBM Spectrum Protect Plus (CVE-2020-4854)

Summary IBM Spectrum Protect Plus contains hard-coded credentials which could allow a remote attacker to gain elevated privileges. UPDATED: 24 February 2021 - Remediation/Fixes section updated with additional vSnap requirements for upgrading to 10.1.7. UPDATED: 23 April 2021 - Added 10.1.8 fix...

MobileIron agents trust management issue vulnerability

MobileIron agents is an application from MobileIron USA. It is used for MobileIron agents. MobileIron agents versions 2021-03-22 and earlier are vulnerable to a trust management issue that stems from the inclusion of a hard-coded encryption key that is used to encrypt the submission of...

CVE-2021-27392

A vulnerability has been identified in Siveillance Video Open Network Bridge 2020 R3, Siveillance Video Open Network Bridge 2020 R2, Siveillance Video Open Network Bridge 2020 R1, Siveillance Video Open Network Bridge 2019 R3, Siveillance Video Open Network Bridge 2019 R2, Siveillance Video Open...

Hardcoded credentials

A vulnerability has been identified in Siveillance Video Open Network Bridge 2020 R3, Siveillance Video Open Network Bridge 2020 R2, Siveillance Video Open Network Bridge 2020 R1, Siveillance Video Open Network Bridge 2019 R3, Siveillance Video Open Network Bridge 2019 R2, Siveillance Video Open...

CVE-2021-27392

A vulnerability has been identified in Siveillance Video Open Network Bridge 2020 R3, Siveillance Video Open Network Bridge 2020 R2, Siveillance Video Open Network Bridge 2020 R1, Siveillance Video Open Network Bridge 2019 R3, Siveillance Video Open Network Bridge 2019 R2, Siveillance Video Open...

CVE-2021-0245

A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion satellite devices allows an attacker who is local to the device to elevate their privileges and take control of the device. This issue affects: Juniper Networks Junos OS Junos Fusion Satellite Devices. 16.1...

CVE-2021-0248

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Junip...

CVE-2021-0266

The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to...

CVE-2021-0248

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Junip...

CVE-2021-0266 cSRX: Use of Hard-coded Cryptographic Keys allows an attacker to take control of the device through device management services.

The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to...