Barracuda WAF V360 Firmware 8.0.1.014 Grub Password Complexity Vulnerability

The grub password for all Barracuda WAF V360 virtual appliances is four characters in length and, as a result, may be trivially easy to crack. Firmware version 8.0.1.014 is affected. Title: Barracuda WAF Grub Password Complexity 1. Vulnerability Details Affected Vendor: Barracuda Affected Product...

HP SiteScope Multiple Vulnerabilities (HPESBGN03763)

The version of HP SiteScope running on the remote host is 11.2x or 11.3x. It is, therefore, affected by multiple vulnerabilities : - A cryptographic weakness exists in the sspu.jar library due to the use of hard-coded encryption keys. A local attacker can exploit this to disclose potentially...

Barracuda WAF Grub Password Complexity

Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded Linux CWE Classification: CWE-259: Use of Hard-coded Password Impact: Privileged Access Attack vector: Password Cracking 2. Vulnerability...

Fortinet FortiWLM Command Execution Vulnerability

Fortinet FortiWLM is a wireless network device management platform developed by the U.S. Fiat Fortinet. A security vulnerability exists in the hard-coded password account named 'upgrade' in Fortinet FortiWLM 8.3.0 and prior versions. A remote attacker could exploit this vulnerability to execute...

Pilot Future (Beijing) Technology Co., Ltd. digital campus learning platform has an administrator arbitrary password login vulnerability

Microknowledge Base is to provide a platform for the operation and management of self-resource libraries. An administrator arbitrary password login vulnerability exists in the Digital Campus Learning Platform. The vulnerability stems from a hard-coded or permission judgment business logic...

Hardcoded credentials

A hard-coded password issue was discovered in Becton, Dickinson and Company BD PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the...

CVE-2016-9358

A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520,...

CVE-2017-6022

A hard-coded password issue was discovered in Becton, Dickinson and Company BD PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the...

CVE-2016-9358

A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520,...

CVE-2017-6022

A hard-coded password issue was discovered in Becton, Dickinson and Company BD PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the...

CVE-2017-6022

A hard-coded password issue was discovered in Becton, Dickinson and Company BD PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the...

CVE-2016-9358

CVE-2016-9358 is a hard-coded passwords vulnerability affecting Marel Food Processing Systems, notably the M3000 terminal and related components (M3210 terminal, M3000 desktop software, MAC4 controller, SensorX/X-ray and MWS2 devices) across numerous systems (A320, A325, A371, A520 Master/Slave, ...

CVE-2017-6022

CVE-2017-6022 affects BD PerformA (v2.0.14.0 and earlier) and KLA Journal Service (v1.0.51 and earlier); hard-coded credentials allow remote access to the BD Kiestra Database, risking confidentiality of PHI/PII. Exploitation is remote-feasible; no public exploits are cited. Remediation: apply upd...

CVE-2016-9358

A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520,...

Schneider Electric U.motion Builder (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: Schneider Electric Equipment: U.motion Builder --------- Begin Update A Part 1 of 5 -------- Vulnerabilities: SQL Injection, Path Traversal, Improper...

Hard-coded credentials vulnerability in Toshiba Lighting & Technology Corporation Home gateway

Overview Home gateway provided by Toshiba Lighting & Technology Corporation contains hard-coded credentials. Yutaka Kokubu of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

Hard-coded credentials vulnerability in Toshiba Home gateway HEM-GW16A firmware

TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A are both home gateway products from Toshiba Japan. A hard-coded credentials vulnerability exists in the TOSHIBA Home Gateway HEM-GW26A using firmware version HEM-GW26A-FW-V1.2.0 and earlier and the TOSHIBA Home Gateway HEM-GW16A...

JVN#85901441: Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway

Home gateway provided by Toshiba Lighting & Technology Corporation contains multiple vulnerabilities listed below. Non-documented developer's screen CWE-912 - CVE-2017-2234 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N| Base Score: 2.4 CVSS v2|...

CVE-2016-8731

Hard-coded FTP credentials r:r are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device...

CVE-2016-8731

CVE-2016-8731 affects Foscam C1 IP Camera firmware 1.9.1.12, where hard-coded FTP credentials (user: r, pass: r) allow remote FTP access to the camera if port 50021 is reachable. Public analysis confirms the vulnerability enables remote login to the camera’s FTP service and mounted SD card, with ...