22 matches found
CVE-2020-7533
CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests...
CVE-2018-7788
A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40, which could cause a Denial Of Service when using a Telnet connection...
Schneider Electric Modicon Credentials Management Errors (CVE-2020-7533)
A CWE-255: Credentials Management vulnerability exists in Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see security notification for version information), which could cause the execution of commands on the webserver without...
Nextcloud: A vulnerability classified as critical has been found in gsi-openssh-server 7.9p1 on Fedora (Connectivity Software) on server (http://95.217.64.181:22
Summary: " hello " vulnerability: GSI-OPENSSH-SERVER 7.9P1 ON FEDORA /ETC/GSISSH/SSHDCONFIG CREDENTIALS MANAGEMENT Description of problem: A vulnerability classified as critical has been found in gsi-openssh-server 7.9p1 on Fedora Connectivity Software on server http://95.217.64.181:22. This...
CVE-2020-7533
CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests...
CVE-2020-7533
CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests...
CVE-2020-7533
CVE-2020-7533 is a credential management/improper authentication issue affecting Schneider Electric Modicon Web Server components on M340, Quantum, and Premium Legacy offers, plus their Communication Modules. The vulnerability could allow an unauthenticated attacker to cause the web server to exe...
Code injection
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled...
CVE-2018-7820
The CVE-2018-7820 entry concerns the APC UPS Network Management Card 2 AOS v6.5.6. The vulnerability is a Credentials Management issue (CWE-255) where Remote Monitoring credentials could be viewed in plaintext when Remote Monitoring is enabled and then disabled. No in-document exploit details or ...
CVE-2018-7788
A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40, which could cause a Denial Of Service when using a Telnet connection...
Design/Logic Flaw
A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40, which could cause a Denial Of Service when using a Telnet connection...
CVE-2018-7788
CVE-2018-7788 affects Schneider Electric Modicon Quantum firmware prior to V2.40, due to a CWE-255 Credentials Management vulnerability that could yield a Denial of Service when using Telnet. Affects Modicon Quantum products with older firmware; remediation is to upgrade to V2.40 or later per SEV...
ASUSTOR NAS ADM 3.1.0 Remote Command Execution / SQL Injection
Product - ASUSTOR ADM - 3.1.0.RFQ3 and all previous builds Vendor - https://www.asustor.com/ Patch Notes - http://download.asustor.com/download/docs/releasenotes/RNADM3.1.3.RHU2.pdf Issue: The Asustor NAS appliance on ADM 3.1.0 and before suffers from multiple critical vulnerabilities. The...
Green Packet DX-350 contains insecure default credentials
Overview Green Packet DX-350 uses default credentials Description CWE-255: Credentials Management - CVE-2016-6552 Green Packet DX-350 uses non-random default credentials of: root:wimax. A remote network attacker can gain privileged access to a vulnerable device. --- Impact A remote attacker can ta...
Intellian Satellite TV t-Series and v-Series firmware contains insecure default credentials
Overview Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses default credentials. Description CWE-255: Credentials Management - CVE-2016-6551 Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses non-random default credentials of: ftp/ftp ...
SeaWell Networks Spectrum - Multiple Vulnerabilities
SeaWell Networks Spectrum - Multiple Vulnerabilities Exploit Title: SeaWell Networks Spectrum - Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.seawellnetworks.com/spectrum/ Versions Reported: Spectrum SDC 02.05.00, Build 02.05.00.0016 CVE-ID: CVE-2015-8282...
ARRIS cable modems generate passwords deterministically and contain XSS and CSRF vulnerabilities
Overview Multiple models of ARRIS cable modems contain multiple, deterministically generated backdoor passwords, as well as multiple cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities. Description CWE-255: Credentials Management - CVE-2009-5149 The 'password of the day'...
Popular Belkin Wi-Fi Routers vulnerable to Hackers
US-CERT has reported that wireless routers developed by Belkin supposedly contain several vulnerabilities. In its Vulnerability Note VU201168, CERT said that Belkin’s N600 DB Wireless Dual-Band N+ Router, model F9K1102 v2 with firmware version 2.10.17 and very likely earlie...
Ceragon FiberAir IP-10 Microwave Bridge contains a default root password
Overview Ceragon FiberAir IP-10 Microwave Bridge contains a default root password. Description CWE-255: Credentials Management Ceragon FiberAir IP-10 Microwave Bridges contain a default root password. The root account can be accessed through ssh, telnet, command line interface, or via HTTP. The...
Ammyy Admin 3.2 - Authentication Bypass
No description provided by source. Title: ==== Ammyy Admin - Hidden hard-coded option and Access Control vulnerability. Credit: ====== Name: Bhadresh Patel Company/affiliation: Cyberoam Technologies Private Limited Website: www.cyberoam.com CVE: ==== - CVE-2013-5581 for hidden hard-coded option...