8047 matches found
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
CVE-2025-13957
Summary: CVE-2025-13957 is a CWE-798 vulnerability involving hard-coded credentials that could lead to information disclosure and remote code execution when SOCKS Proxy is enabled, if administrator and PostgreSQL credentials are known. The issue is associated with Schneider Electric EcoStruxure I...
CVE-2025-41710 Use of Hard-coded Credentials in power analyzer
An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges...
CVE-2025-41710
CVE-2025-41710 describes an unauthenticated remote access issue where an attacker may use hard-coded credentials to reach a previously activated FTP server with limited read/write privileges. The CVSSv3.1 base score is 6.5 (Medium) with network attack vector, low attack complexity, and no user in...
CVE-2025-41710 Use of Hard-coded Credentials in power analyzer
An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges...
PT-2026-24204
Name of the Vulnerable Software and Affected Versions PostgreSQL affected versions not specified Description A security issue exists due to the use of hard-coded credentials. This could lead to information disclosure and remote code execution when the SOCKS Proxy is enabled, and administrator...
Tenda i24 安全漏洞
The Tenda i24 is a wireless router produced by the Chinese company Tenda. The Tenda i24V3.0, with firmware version V3.0.0.5, has a security vulnerability. This vulnerability stems from hard-coded passwords in the /etc/rro/shadow file, which could allow attackers to log in as root...
Janitza UMG 96RM-E 24V和Janitza UMG 96RM-E 230V 信任管理问题漏洞
Both Janitza UMG 96RM-E 24V and Janitza UMG 96RM-E 230V are multi-functional power quality analyzers from the German company Janitza. There are vulnerabilities related to trust management in both models 5222063 for Janitza UMG 96RM-E 24V and 5222062 for Janitza UMG 96RM-E 230V. These...
Tenda G1 安全漏洞
Tenda G1 is an enterprise-level AP management router produced by the Chinese company Tenda. There is a security vulnerability in Tenda G1, which stems from hard-coded passwords in the /etc/ro/shadow file. This vulnerability could allow attackers to log in as root...
EUVD-2026-10345
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
EUVD-2026-10344
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023
CVE-2026-29023 affects Keygraph Shannon’s router component. A hard-coded API key in the router configuration enables network attackers to authenticate if the router port is reachable, allowing them to proxy requests through the Shannon instance using the victim’s configured upstream provider API ...
CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
PT-2026-24097
Name of the Vulnerable Software and Affected Versions Keygraph Shannon affected versions not specified Description Keygraph Shannon contains a hard-coded API key within its router configuration. When the router component is enabled and accessible, network attackers can use this publicly known key...
Use of Hard-coded Cryptographic Key
Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the authentication process when a static fallback JWT signing secret is used if no custom secret is configured. An...