Barracuda Load Balancer Hard-Coded Weak Credentials Vulnerability

Barracuda Load Balancer is an application delivery controller from Barracuda Networks. The controller provides protection against intrusions and attacks while optimizing application load and providing performance support. A security vulnerability exists in Barracuda Load Balancer version 5.0.0.01...

Multiple Westermo devices hard-coded to use encryption key vulnerability

The Westermo MRD-305-DIN, MRD-315 and MRD-355 are all router products from Westermo, Sweden. A security vulnerability exists in multiple Westermo devices. An attacker could exploit the vulnerability to decode traffic from other sources...

CVE-2014-8426

CVE-2014-8426 affects Barracuda Load Balancer ADC with firmware 5.0.0.015, where hard-coded weak credentials are present. Connected sources describe a hard-coded credential issue and related weaknesses (including SSH key issues and offline password-reset vectors) that could enable unauthorized ac...

Multiple Westermo Routers Hardcoded Password Vulnerability

The RD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. Multiple Westermo routers are vulnerable to a hard-coded password vulnerability where the device uses a hard-coded special key that allows an attacker to decrypt traffic from any other source...

Hardcoded credentials

A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source...

Hardcoded credentials

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device...

CVE-2017-12709

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device...

CVE-2017-12709

CVE-2017-12709 describes a local-authentication vulnerability in Westermo MRD-305-DIN (older than 1.7.5.0) and MRD-315, MRD-355, MRD-455 (older than 1.7.5.0). The root cause is the use of hard-coded credentials, which could allow an unauthorized local user with low privileges to access the device...

Multiple Westermo Routers Hardcoded for Unauthorized Access Vulnerability

The RD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. Multiple Westermo routers have a hard-coded unauthorized access vulnerability, where the device uses hard-coded credentials that allow a local attacker to exploit the vulnerability to gain unauthorized access to the...

ICSA-17-236-01_Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455

CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Westermo Equipment: MRD-305-DIN, MRD-315, MRD-355, and MRD-455 Vulnerabilities: Cross-Site Request Forgery CSRF, Use of Hard-Coded Credentials, and Use of Hard-Coded Cryptographic Key AFFECTED PRODUCTS The following...

ICSMA-17-229-01_Philips' DoseWise Portal Vulnerabilities

OVERVIEW Philips has identified Hard-coded Credentials and Cleartext Storage of Sensitive Information vulnerabilities in Philips’ DoseWise Portal DWP web application. Philips has updated product documentation and produced a new version that mitigates these vulnerabilities. These vulnerabilities...

Intercom MaLion for Windows and Mac Hard-Coded Encryption Key Vulnerability

Intercom MaLion for Windows and MaLion for Mac are both products of Intercom Japan. Intercom MaLion for Windows is an IT asset management solution based on the Windows platform. maLion for Mac is a version based on the Mac platform. A security vulnerability exists in Intercom MaLion versions 3.2....

New IoT Bill Proposes Security Standards for Smart Devices

By this time, almost every one of you owns at least one internet-connected device—better known as the "Internet of things"—at your home, but how secure is your device? We have recently seen Car hacking that could risk anyone's life, Hoverboard hacking, even hacking of a so-called smart Gun and al...

Trend Micro Deep Discovery Director Hard-Coded Archive File Password Vulnerability

Trend Micro Deep Discovery is a protection product from Trend Micro that detects and identifies hard-to-find threats in real time and proposes solutions. director is one of the built-in solutions with the ability to update and upgrade various programs in Deep Discovery. A security vulnerability...

New Bill Seeks Basic IoT Security Standards

Lawmakers in the U.S. Senate today introduced a bill that would set baseline security standards for the government's purchase and use of a broad range of Internet-connected devices, including computers, routers and security cameras. The legislation, which also seeks to remedy some widely-perceive...

CVE-2017-11129

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The keystore is locked with a hard-coded password. Therefore, everyone with access to the keystore can read the content out, for example the private key of the user...

CVE-2017-11129

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The keystore is locked with a hard-coded password. Therefore, everyone with access to the keystore can read the content out, for example the private key of the user...

MEDHOST Document Management Information Disclosure Vulnerability (CNVD-2017-27413)

MEDHOST Document Management System is a document management system from the American company MEDHOST. The system manages documents such as user access and audit logs by defining different roles and permissions. A security vulnerability exists in MEDHOST Document Management System, which originate...

MEDHOST Document Management Hardcoded Certificate Disclosure Vulnerability

MEDHOST Document Management System is a document management system from the American company MEDHOST. The system manages documents such as user access and audit logs by defining different roles and permissions. A security vulnerability exists in MEDHOST Document Management System due to a...

MEDHOST Document Management Information Disclosure Vulnerability

MEDHOST Document Management System is a document management system from the American company MEDHOST. The system manages documents such as user access and audit logs by defining different roles and permissions. A security vulnerability exists in MEDHOST Document Management System, which originate...