13 matches found
EUVD-2021-12934
Malware in sbrugna...
CVE-2021-26113
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...
CVE-2023-22599
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...
Hardcoded credentials
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...
CVE-2023-22599
InRouter 302 (all versions prior to IR302 V3.5.56) and InRouter 615 (all versions prior to InRouter6XX-S-V2.3.0.r5542) are affected by CWE-760: Use of a One-way Hash with a Predictable Salt. The MQTT credentials are encoded using a hardcoded string in an MD5 hash, which an unauthenticated attacke...
CVE-2023-22599
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...
CVE-2021-26113
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...
CVE-2021-26113
CVE-2021-26113 affects Fortinet FortiWAN prior to 4.5.9. The issue is a vulnerability in the password hashing process: a one‑way hash is used with a predictable salt (CWE-760). If an attacker has obtained the password file, they may be able to guess stored passwords. No exploitation details are p...
CVE-2020-28214
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...
Code injection
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...
CVE-2020-28214
CVE-2020-28214 affects Schneider Electric Modicon M221 PLCs (all references, all versions). The vulnerability is described as CWE-760: Use of a One-Way Hash with a Predictable Salt, which could allow an attacker to pre-compute hash values using dictionary attacks (e.g., rainbow tables), effective...
CVE-2020-28214
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...
CVE-2019-12737
CVE-2019-12737 affects JetBrains Kotlin Ktor framework prior to 1.2.0-rc, where UserHashedTableAuth stores credentials using a one-way hash with a predictable salt. This weakens credential protection and aligns with the NVD CVSS 2.0/3.1 scores (base ~5.0–5.3, MEDIUM). The issue is documented acro...