EUVD-2019-4855

Malware in sbrugna...

CVE-2019-13352

WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote...

CVE-2019-13352

WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote...

CVE-2019-13352

WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote...

CVE-2019-13352

WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote...

CVE-2019-13352

CVE-2019-13352 affects WolfVision Cynap prior to version 1.30j. The vulnerability arises from a static, hard-coded cryptographic secret used to generate support PINs for the forgotten-password feature, enabling an attacker who knows the secret and the calculation method to reset the ADMIN passwor...

WolfVision Cynap 1.18g / 1.28j Hardcoded Credential

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-021 Product: Cynap Manufacturer: WolfVision Affected Versions: 1.18g, 1.28j Tested Versions: 1.18g, 1.28j Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-321 Risk Level: High Solution Status: Fixed Manufacturer...