
18 matches found

RedhatCVE
added 2026/03/31 4:59 a.m. · 7 views

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

CVSS 7.1 · AI score 5.9 · EPSS 0.08943
Exploits 3 · References 1

ATTACKERKB
added 2026/03/20 5:25 a.m. · 3 views

CVE-2026-33037

WWBN AVideo is an open source video platform. In versions 25.0 and below, the official Docker deployment files (docker-compose.yml, env.example) ship with the admin password set to "password", which is automatically used to seed the admin account during installation, meaning any instance deployed...

CVSS 8.1 · AI score 6.3 · EPSS 0.00672
Exploits 1 · References 3 · Affected Software 1

CNNVD
added 2025/10/20 12:00 a.m. · 7 views

NetBird VPN security vulnerability

NetBird VPN is an open source proxy software from NetBird. A security vulnerability exists in NetBird VPN that stems from the failure to remove or change the default administrator account password created by ZITADEL during installation...

CVSS 9.3 · AI score 6.6 · EPSS 0.0038
Exploits 0 · References 2

RedhatCVE
added 2025/08/14 3:49 p.m. · 12 views

CVE-2025-8452

By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, be leveraged by the flaw described by CVE-2024-51978 to calculate the default...

CVSS 9.8 · AI score 7.2 · EPSS 0.7656
Exploits 0 · References 1

Vulnrichment
added 2025/08/12 3:23 p.m. · 5 views

CVE-2025-8452 Unauthenticated leak of sensitive information affecting multiple models from Brother Industries, Ltd., Toshiba Tec, and Konica Minolta, Inc.

By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, be leveraged by the flaw described by CVE-2024-51978 to calculate the default...

CVSS 4.3 · AI score 6.7 · EPSS 0.00227
Exploits 0 · References 5

CVE
added 2025/08/12 3:23 p.m. · 29 views

CVE-2025-8452

CVE-2025-8452 leverages eSCL or SNMP to retrieve a printer’s serial number and then applies the technique described in CVE-2024-51978 to derive the default administrator password. If the password remains at its default, an attacker could gain admin access; changing the password mitigates the risk...

CVSS 4.3 · AI score 7.1 · EPSS 0.00227
Exploits 0 · References 5

RedhatCVE
added 2025/06/27 8:20 a.m. · 7 views

CVE-2024-51978

An unauthenticated attacker who knows the target device's serial number can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP...

CVSS 9.8 · AI score 7.5 · EPSS 0.7656
Exploits 0 · References 1

NVD
added 2025/06/25 8:15 a.m. · 23 views

CVE-2024-51978

An unauthenticated attacker who knows the target device's serial number can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP...

CVSS 9.8 · EPSS 0.23635
Exploits 0 · References 13

OSV
added 2023/12/05 6:15 p.m. · 5 views

CVE-2023-6448

Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system...

CVSS 9.8 · AI score 5.8 · EPSS 0.02089
Exploits 0 · References 5

OSV
added 2021/07/19 12:15 p.m. · 5 views

CVE-2021-35965

The Orca HCM digital learning platform uses a weak factory default administrator password, which is hard-coded in the source code of the webpage in plain text, thus remote attackers can obtain administrator’s privilege without logging in...

CVSS 9.8 · AI score 5.8 · EPSS 0.02378
Exploits 0 · References 2

Positive Technologies
added 2021/07/19 12:00 a.m. · 5 views

PT-2021-21085 · Orca Hcm · Orca Hcm

Name of the Vulnerable Software and Affected Versions: Orca HCM digital learning platform (affected versions not specified). Description: The issue concerns the use of a weak factory default administrator password in the Orca HCM digital learning platform. This password is hard-coded in the source...

CVSS 10 · AI score 9.5 · EPSS 0.02378
Exploits 0 · References 4

OSV
added 2019/02/12 7:29 p.m. · 2 views

CVE-2019-1688

A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS) condition on the server. The vulnerability is due to a fault in the password management system of NAE. ...

CVSS 7.1 · AI score 5.8 · EPSS 0.0029
Exploits 0 · References 2

BDU FSTEC
added 2017/10/11 12:00 a.m. · 4 views

The vulnerability in the firmware of the Axesstel MU553S router lies in the use of a standard default password for the administrator account, allowing attackers to compromise the confidentiality, integrity, and availability of data.

The vulnerability in the firmware of the Axesstel MU553S router is related to the use of a standard default password for the administrator account. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of data...

CVSS 10 · AI score 7.8 · EPSS 0.01405
Exploits 0 · References 2

Japan Vulnerability Notes
added 2008/05/20 3:00 p.m. · 9 views

WirelessIP5000 has multiple vulnerabilities

Overview: WirelessIP5000, a wireless IP phone from Hitachi Cable, contains multiple vulnerabilities:
- Illegal access using the port TCP3390
- SNMP access using an arbitrary community name
- Access to the HTTP server by an unauthorized user in the factory default configuration
- The HTTP server...

CVSS 7.5 · AI score 7 · EPSS 0.00345
Exploits 0 · References 4

Tenable Nessus
added 2006/01/30 12:00 a.m. · 21 views

GLSA-200601-15 : Paros: Default administrator password

The remote host is affected by the vulnerability described in GLSA-200601-15 (Paros: Default administrator password). Andrew Christensen discovered that in older versions of Paros the database component HSQLDB is installed with an empty password for the database administrator 'sa'. Impact: Since th...

CVSS 7.5 · AI score 5.9 · EPSS 0.02154
Exploits 1 · References 2

OpenVAS
added 2005/11/03 12:00 a.m. · 13 views

SMC2804WBR Default Credentials (HTTP)

The remote host is an SMC2804WBR access point. This host is installed with a default administrator password (smcadmin) which has not been modified. SPDX-FileCopyrightText: 2004 Audun Larsen. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective rig...

AI score 7.6
Exploits 0

Tenable Nessus
added 2003/01/22 12:00 a.m. · 58 views

Enhydra Multiserver Default Password

This system appears to be running the Enhydra application server configured with the default administrator password of 'enhydra'. A potential intruder could reconfigure this service and use it to obtain full access to the system. This script was written by H D Moore. See the Nessus Scripts License...

CVSS 4.6 · AI score 8.1 · EPSS 0.0356
Exploits 3 · References 1

Cvelist
added 2002/07/15 4:00 a.m. · 24 views

CVE-2002-0667

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone...

AI score 6.9 · EPSS 0.02615
Exploits 0 · References 4