CVE-2019-3497

The CVE-2019-3497 issue affects Wifi-soft UniBox controller 0.x–2.x. The Diagnostic Tools’ tools/ping feature is vulnerable to Remote Command Execution, enabling an attacker to run arbitrary system commands as root. Authentication for this component can be bypassed using hard-coded credentials. T...

CVE-2019-3496

The CVE-2019-3496 entry describes a Remote Command Execution vulnerability in Wifi-soft UniBox controller 3.x, specifically affecting the Diagnostic Tools Controller at tools/controller/diagnostic_tools_controller. The flaw allows an attacker to execute arbitrary system commands with root privile...

CVE-2019-3496

An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostictoolscontroller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authenticati...

CVE-2019-3495

The CVE-2019-3495 entry describes a vulnerability in Wifi-soft UniBox controller (0.x–2.x) where the component network/mesh/edit-nds.php allows arbitrary file upload, enabling an attacker to upload .php files and execute code on the server with root privileges. Authentication to access this compo...

CVE-2019-3495

An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be...

Intel 7th Generation Intel Core Processor and 8th Generation Intel Core Processor Trust Management Issues Vulnerability

The Intel 8th Generation Intel Core Processor and Intel 7th Generation Intel Core Processor are both products of Intel Corporation.The Intel 8th Generation Intel Core Processor is an Intel 8th Generation Intel Core Processor. The Intel 8th Generation Intel Core Processor is an eighth-generation...

CVE-2019-3918

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces...

CVE-2019-3918

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces...

CVE-2019-3918

The CVE-2019-3918 entry concerns the Alcatel Lucent I-240W-Q GPON ONT with firmware 3FE54567BOZJ19, which contains multiple hard coded credentials for Telnet and SSH interfaces. The vulnerability is supported by multiple sources: NVD details show a network-facing issue with high impact (C/H/I/A) ...

CVE-2019-3918

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces...

PT-2019-16773 · Alcatel Lucent · Alcatel Lucent I-240W-Q Gpon Ont

Name of the Vulnerable Software and Affected Versions: Alcatel Lucent I-240W-Q GPON ONT version 3FE54567BOZJ19 Description: The issue concerns the presence of multiple hard-coded credentials for the Telnet and SSH interfaces in the affected device. This could potentially allow unauthorized access...

Unspecified Vulnerability in IBM Security Identity Governance Virtual Appliance (CNVD-2019-05555)

IBM Security Identity Governance and Intelligence IGI is a suite of identity governance solutions from IBM in the United States. The product includes features such as lifecycle management, access risk assessment and identity management. A security vulnerability exists in the IBM Security Identity...

Teracue ENC-400 - Command Injection Missing Authentication

Teracue ENC-400 - Command Injection Missing Authentication Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including pre-authenticated remote code authentication. While the vendor has released updated firmware after these issues were identified, they...

Teracue ENC-400 - Command Injection / Missing Authentication

Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including pre-authenticated remote code authentication. While the vendor has released updated firmware after these issues were identified, they are not all resolved with the latest version of the...

CVE-2018-1944

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM...

CVE-2018-1944

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM...

CVE-2018-1944

Summary: CVE-2018-1944 affects IBM Security Identity Governance and Intelligence (IGI) Virtual Appliance, specifically versions 5.2 through 5.2.4.1. The root cause is hard-coded credentials (passwords or cryptographic keys) used for inbound authentication, outbound communication to external compo...

CVE-2018-1944

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM...

Teracue ENC-400 Command Injection / Missing Authentication Vulnerabilities

Teracue ENC-400 suffers from hard-coded credential, missing authentication, and command injection vulnerabilities. Teracue ENC-400 Command Injection / Missing Authentication Vulnerabilities Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including...

Hard-Coded Vulnerability in Telecommunications Science and Technology No.1 Institute's In-vehicle Surveillance System Software

The First Institute of Telecommunications Science and Technology hereinafter referred to as "Telecom One" is a national professional research institute in the field of communications in China, and is now one of the core enterprises of the Institute of Telecommunications Science and Technology ITS...