8089 matches found
CVE-2019-9493
The CVE-2019-9493 vulnerability affects AutoMobility’s MyCar Controls mobile apps, where hard-coded admin credentials in the app could let a remote, unauthenticated attacker issue commands to a target MyCar unit and extract data (potential location disclosure or vehicle access). Affected versions...
CVE-2019-9493 MyCar Controls uses hard-coded credentials
The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the attacker to learn the location of a target, or gain...
FortiSIEM Database hard-coded Credentials
A hard-coded password vulnerability in the FortiSIEM database component may allow attackers to access the device database via the use of static credentials...
Cisco Data Center Network Manager SecurityManager Hard-coded Cryptographic Key Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Cisco Data Center Network Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the validation of SSO tokens of SOAP packets. The issue results from th...
WEMS BEMS 21.3.1 - Undocumented Backdoor Account Vulnerability
Exploit for hardware platform in category web applications Exploit: WEMS BEMS 21.3.1 - Undocumented Backdoor Account Author: LiquidWorm Vendor: WEMS Limited Product web page: https://www.wems.co.uk Advisory ID: ZSL-2019-5552 Advisory URL:...
Heatmiser Netmonitor 3.03 - Hardcoded Credentials
Heatmiser Netmonitor 3.03 - Hardcoded Credentials Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials Date: 2019-12-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf...
WEMS BEMS 21.3.1 - Undocumented Backdoor Account
WEMS BEMS 21.3.1 - Undocumented Backdoor Account Exploit: WEMS BEMS 21.3.1 - Undocumented Backdoor Account Date: 2019-12-30 Author: LiquidWorm Vendor: WEMS Limited Product web page: https://www.wems.co.uk Advisory ID: ZSL-2019-5552 Advisory URL:...
User Name and Password Fields are Missing when Configuring a Newly Installed License Server
The License Server Configuration Tool Window does not have the option to enter the username and password for License Administration Console, after the License Server 11.10 is installed. Background Aftersuccessfully installing License Server 11.10, a License Server Configuration Window appears. Th...
SonicWall Email Security Appliance Trust Management Issue Vulnerability
SonicWall Email Security Appliance is an email security appliance from SonicWall USA. A vulnerability with trust management issues exists in SonicWall Email Security Appliance version 10.0.2 and earlier. The vulnerability stems from the lack of an effective trust management mechanism in a network...
CloudBees Jenkins WebSphere Deployer Plugin Trust Management Issue Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . WebSphere Deployer Plugin is used in which a...
CloudBees Jenkins Spira Importer Plugin Trust Management Issue Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . Spira Importer Plugin is used in one of the SpiraPla...
duplicity trust management issue vulnerability
duplicity is a Linux-based file compression and backup utility. A trust management issue vulnerability exists in duplicity version 0.6.24. The vulnerability stems from the lack of an effective trust management mechanism in a networked system or product. An attacker can exploit default passwords o...
mcollective Trust Management Issues Vulnerabilities
mcollective is a framework for building Server Orchestration and parallel work execution systems. A trust management issue vulnerability exists in mcollective. The vulnerability stems from the lack of an effective trust management mechanism in a networked system or product. An attacker could...
Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Product web page: https://www.inim.biz Link:...
Inim Electronics Smartliving SmartLAN/G/SI 6.x Hard-Coded Credentials
Inim Electronics Smartliving SmartLAN/G/SI =6.x Hard-coded Credentials Vendor: INIM Electronics s.r.l. Product web page: https://www.inim.biz Link: https://www.inim.biz/en/antintrusion-control-panels/home-automation/control-panel-smartliving? Affected version: =6.x Affected models: SmartLiving 50...
Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials
Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...
Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials
Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link: https://www.inim.biz/en/antintrusion-control-panels/home-automation/control-panel-smartliving? Advisory ID: ZSL-2019-5546...
Inim Electronics Smartliving SmartLAN/G/SI <=6.x Hard-coded Credentials
Summary SmartLiving anti-intrusion control panel and security system provides important features rarely found in residential, commercial or industrial application systems of its kind. This optimized-performance control panel provides first-rate features such as: graphic display, text-to-speech,...
NetApp Clustered Data ONTAP Trust Management Issue Vulnerability
NetApp Clustered Data ONTAP is a set of storage operating system for clustered mode from the American company NetApp. A trust management issue vulnerability exists in NetApp Clustered Data ONTAP 9.0 and later versions, which arises from the lack of an effective trust management mechanism in a...
TitanHQ WebTitan has an unspecified vulnerability (CNVD-2019-44521)
TitanHQ WebTitan is a web content filter from TitanHQ Ireland. A security vulnerability exists in TitanHQ WebTitan versions prior to 5.18 that stems from the program's use of a hard-coded root password setting during installation. An attacker can exploit this vulnerability to gain root privileges...