CVE-2026-2616

A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the...

CVE-2026-2616 Beetel 777VR1 Web Management hard-coded credentials

A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the...

CVE-2026-2616 Beetel 777VR1 Web Management hard-coded credentials

A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the...

CVE-2026-2616

CVE-2026-2616 affects Beetel 777VR1 (Web Management Interface) up to version 01.00.09. The vulnerability arises in an unknown function of the Web Management Interface, leading to hard-coded credentials exposure. An attacker on the local network can leverage this to gain unauthorized access; explo...

PT-2026-20239

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description The software uses hard-coded user credentials, potentially allowing a remote attacker to obtain sensitive information or perform unauthorized actions. Recommendations Update to a version...

PT-2026-20311

Name of the Vulnerable Software and Affected Versions Glory RBG-100 recycler systems using the ISPK-08 software component affected versions not specified Description The Glory RBG-100 recycler systems, utilizing the ISPK-08 software component, are susceptible to unauthorized access due to...

IBM Concert 信任管理问题漏洞

IBM Concert is a new tool developed by the American international business company IBM. It utilizes generative AI to assist in managing complex cloud-native applications. Versions 1.0.0 to 2.1.0 of IBM Concert contained vulnerabilities related to trust management. These vulnerabilities stemmed fr...

GLORY RBG-100 安全漏洞

GLORY RBG-100 is a cash recycling machine from the British company GLORY. There is a security vulnerability in GLORY RBG-100; this vulnerability stems from the ISPK-08 software component containing hard-coded operating system credentials, which may allow unauthorized remote access and complete...

Dell RecoverPoint for Virtual Machines 信任管理问题漏洞

Dell RecoverPoint for Virtual Machines is a simple and efficient operating and disaster recovery solution provided by the American company Dell. It is suitable for virtualized applications in VMware environments. Versions of Dell RecoverPoint for Virtual Machines prior to 6.0.3.1.HF1 contained a...

Beetel 777VR1 信任管理问题漏洞

Beetel 777VR1 is a router produced by the Beetel company. Versions of Beetel 777VR1 starting from 01.00.09 and earlier have a vulnerability related to trust management. This vulnerability stems from hard-coded credentials present in the web management interface...

PT-2026-20334

Name of the Vulnerable Software and Affected Versions Beetel 777VR1 versions up to 01.00.09 Description A security issue exists in the Web Management Interface component of Beetel 777VR1. The issue involves hard-coded credentials, potentially allowing unauthorized access. The attack requires loca...

Exploit for CVE-2026-26335

👤 Author Mohammed Idrees Banyamer Security Researcher...

WordPress plugin Prime Listing Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

Heatmiser Netmonitor 信任管理问题漏洞

Heatmiser Netmonitor is a thermostat system controller developed by the Heatmiser company. Version 3.03 of Heatmiser Netmonitor contains a vulnerability related to trust management. This vulnerability arises from hard-coded credentials on the networksetup.htm page, which may allow unauthorized...

CVE-2026-25803 3DP-MANAGER Uses Hard-coded Credentials

3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials admin/admin upon the first initialization. Attackers with network access to the application's login interface can gain full...

CVE-2026-25803

CVE-2026-25803 – 3DP-MANAGER uses hard-coded admin credentials . The Red Hat, NVD, and related feeds report that, through version 2.0.1 and earlier, 3DP-MANAGER automatically creates an administrative account with default credentials (admin/admin) on first initialization. If an attacker can reach...

CVE-2026-25803 3DP-MANAGER Uses Hard-coded Credentials

3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials admin/admin upon the first initialization. Attackers with network access to the application's login interface can gain full...

CVE-2026-25753

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the...

CVE-2026-25753

PlaciPy (educational placement system) v1.0.0 has a hard-coded, static default password for all newly created student accounts, enabling mass account takeover. The vulnerability, described across multiple sources (NVD, Red Hat, CVE lists, OSV, ENISA, Attackerkb), states that any attacker who know...

CVE-2026-25753 PlaciPy has a Hard-Coded Default Password for All Student Accounts (Account Takeover)

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the...