2443 matches found
PT-2026-6779
Name of the Vulnerable Software and Affected Versions PlaciPy version 1.0.0 Description PlaciPy, a placement management system for educational institutions, uses a hard-coded, static default password for all newly created student accounts in version 1.0.0. This allows for mass account takeover,...
CVE-2022-50981
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...
CVE-2022-50981
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...
CVE-2022-50981
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...
CVE-2022-50981 Multiple Innomic VibroLine VLX HD 5.0 and avibia AVLX weak password requirements
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...
EUVD-2022-55958
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...
CVE-2022-50981 Multiple Innomic VibroLine VLX HD 5.0 and avibia AVLX weak password requirements
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...
CVE-2022-50981
CVE-2022-50981 affects Innomic VibroLine VLX HD 5.0 and avibia AVLX (per CVE records). Affected devices are shipped with no password by default, and password setting is not enforced. This creates an unauthenticated remote access risk where an attacker could gain full control. The Red Hat, NVD, CV...
PT-2026-5668
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...
CVE-2026-24429
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated acce...
CVE-2025-59108
By default, the password for the Access Manager's web interface, is set to 'admin'. In the tested version changing the password was not enforced...
CVE-2025-59096
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2026-24429
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated acce...
CVE-2026-24429
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated acce...
CVE-2026-24429 Tenda W30E V2 Hardcoded Default Password for Built-in Account
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated acce...
EUVD-2026-4678
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated acce...
CVE-2026-24429 Tenda W30E V2 Hardcoded Default Password for Built-in Account
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated acce...
CVE-2025-59108
By default, the password for the Access Manager's web interface, is set to 'admin'. In the tested version changing the password was not enforced...
CVE-2025-59108 Weak Default Passwords in dormakaba access manager
By default, the password for the Access Manager's web interface, is set to 'admin'. In the tested version changing the password was not enforced...
CVE-2025-59108 Weak Default Passwords in dormakaba access manager
By default, the password for the Access Manager's web interface, is set to 'admin'. In the tested version changing the password was not enforced...