CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

exploitpack•added 2015/09/15 12:0 a.m.•30 views

TP-Link NC200NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials

TP-Link NC200NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: NC220 V1 1.0.28 Build 150629 Rel.22346 NC200 V1 2.0.15 Buil...

Exploit DB•added 2015/09/15 12:0 a.m.•41 views

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: NC220 V1 1.0.28 Build 150629 Rel.22346 NC200 V1 2.0.15 Build 150701 Rel.20962 Summary: Designed with simplicity in mind, TP-LINK's...

Zero Science Lab•added 2015/09/14 12:0 a.m.•168 views

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials

Summary Designed with simplicity in mind, TP-LINK's Cloud Cameras are a fast and trouble free way to keep track on what's going on in and around your home. Video monitoring, recording and sharing has never been easier with the use of TP-LINK’s Cloud service. The excitement of possibilities never...

5.8AI score

Packet Storm•added 2015/09/14 12:0 a.m.•34 views

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials

CERT•added 2015/09/09 12:0 a.m.•29 views

Impero Education Pro classroom management software vulnerable to remote code execution

Overview Impero Software Education Pro classroom management software is vulnerable to remote code execution via improper encryption and authentication mechanisms. Description CWE-321: Use of Hard-coded Cryptographic KeyCWE-329: Not Using a Random IV with CBC Mode - CVE-2015-5997 According to the...

10CVSS7.8AI score0.0072EPSS

myhack58•added 2015/09/09 12:0 a.m.•5323 views

Hikvision a network camera to the anonymous user to bypass the login permissions-bug warning-the black bar safety net

Network Camera firmware internal for the convenience of visitors to access, curing an anonymous account, which in most cases is disabled, but can be a base64 hard-coded way to create a cookie to bypass the login permissions review. User: anonymous Password：\1 7 7\1 7 7\1 7 7\1 7 7\1 7 7\1 7 7 !...

The Hacker News•added 2015/09/07 6:46 a.m.•50 views

Warning! Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers

Several of Seagate's 3rd generation Wireless Hard drives have a secret backdoor for hackers that puts users' data at risk. A Recent study done by the security researchers at Tangible Security firm disclosed an “undocumented Telnet services” with a hard-coded password in Seagate Wireless Hard...

10CVSS9.5AI score0.03018EPSS

Exploits2

CNVD•added 2015/09/02 12:0 a.m.•1 views

Basware Banking Trust Management Vulnerability (CNVD-2015-05813)

Basware Banking Maksuliikenne is a suite of software from the Finnish company Basware that establishes connections with banks to manage their own finances. A security vulnerability exists in Basware Banking version 8.90.07 and earlier, which stems from the use of hard-coded passwords for ANCO...

6.5CVSS7AI score0.00191EPSS

CNVD•added 2015/09/02 12:0 a.m.•2 views

Basware Banking Trust Management Vulnerability (CNVD-2015-05812)

6.5CVSS7AI score0.00191EPSS

CERT•added 2015/09/01 12:0 a.m.•83 views

Seagate and LaCie wireless storage products contain multiple vulnerabilities

Overview Multiple Seagate wireless storage products contain multiple vulnerabilities. Description CWE-798: Use of Hard-coded Credentials - CVE-2015-2874 Some Seagate wireless storage products provide undocumented Telnet services accessible by using the default credentials of 'root' as username an...

10CVSS8.9AI score0.03018EPSS

Exploits3References5

CERT•added 2015/08/31 12:0 a.m.•53 views

Philippine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 contain multiple vulnerabilities

Overview The Phillipine Long Distance Telephone PLDT company provides internet access in the Phillippines. The SpeedSurf 504AN and Kasda KW58293 modems distributed by PLDT contain multiple vulnerabilities. The BaudTec ADSL2+ Router may also be affected. Description PLDT provides SpeedSurf 504AN,...

7.8CVSS6.9AI score0.01834EPSS

ICS•added 2015/08/27 6:0 a.m.•33 views

Moxa OnCell Central Manager Vulnerabilities

OVERVIEW NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative ZDI concerning hardcoded credentials and authentication bypass vulnerabilities in Moxa’s OnCell Central Manager Software. These vulnerabilities were reported to ZDI by security researcher Andrea Micalizzi. Moxa has released a...

8.3CVSS9.3AI score0.00373EPSS

Exploits0References10

ThreatPost•added 2015/08/26 10:33 a.m.•8 views

CERT Warns of Hard-Coded Credentials in DSL SOHO Routers

DSL routers from a number of manufacturers contain hard-coded credentials that could allow a hacker to access the devices via telnet services and remotely control them. An advisory published Tuesday by the DHS-sponsored CERT at the Software Engineering Institute at Carnegie Mellon University said...

0.7AI score

Exploits0References4

CNVD•added 2015/08/25 12:0 a.m.•1 views

Mobile Devices C4 OBD2 Dongle Privilege Access Vulnerability (CNVD-2015-05628)

The Mobile Devices aka MDI C4 OBD2 Dongle is a programmable OBD2 solution from the French company Mobile Devices. A security vulnerability exists in the Mobile Devices C4 OBD2 Dongle that stems from the program's use of hard-coded SSH certificates. The vulnerability can be exploited by a remote...

9CVSS7.1AI score0.00397EPSS

CNVD•added 2015/08/25 12:0 a.m.•2 views

Actiontec GT784WN Modem Privilege Gain Vulnerability

The Actiontec GT784WN is a DSL Digital Subscriber Line modem router from Actiontec USA. A security vulnerability exists in Actiontec GT784WN modems using firmware versions prior to NCS01-1.0.13, which stems from the program's use of hard-coded certificates. A remote attacker could exploit the...

8.3CVSS7.1AI score0.00258EPSS

CERT•added 2015/08/25 12:0 a.m.•96 views

DSL routers contain hard-coded "XXXXairocon" credentials

Overview DSL routers by ASUS, DIGICOM, Observa Telecom, Philippine Long Distance Telephone PLDT, and ZTE contain hard-coded "XXXXairocon" credentials Description CWE-798: Use of Hard-coded Credentials DSL routers, including the ASUS DSL-N12E, DIGICOM DG-5524T, Observa Telecom RTA01N, Philippine...

9.3CVSS6.5AI score0.25021EPSS

Exploits6References5

CNVD•added 2015/08/22 12:0 a.m.•2 views

KAKO HMI Hardcoded Password Security Bypass Vulnerability

KAKO HMI is a Scada HMI. The KAKO HMI has a built-in hard-coded password that allows a remote attacker to exploit a vulnerability to bypass authentication mechanisms and gain access to affected devices...