86 matches found
CVE-2018-0375
A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to log in to an affected system using the root account, which has default, static user credentials. The vulnerability is due to the presence of undocumented, static user...
Tenda AC15 Authentication Vulnerability
Tenda AC15 is a wireless router product from Tenda, a Chinese company. A security vulnerability exists in the Tenda AC15, which originates from some default accounts on the device having root privileges. The vulnerability can be exploited by a remote attacker to create a telnetd service by sendin...
CVE-2016-1561
ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorizedkeys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image...
Trango Altum AC600 Default Root Login Vulnerability
Exploit for hardware platform in category web applications + Credits: Ian Ling + Website: iancaling.com + Source: http://blog.iancaling.com/post/155395764003 Vendor: ================= https://www.trangosys.com/ Product: ====================== -Altum AC600 Vulnerability Details:...
Trango Altum AC600 Default Root Login
Credits: Ian Ling + Website: iancaling.com + Source: http://blog.iancaling.com/post/155395764003 Vendor: ================= https://www.trangosys.com/ Product: ====================== -Altum AC600 Vulnerability Details: ===================== Trango Altum AC600a2s have a default root login...
MileSight camera default SSH root user vulnerability
MileSight camera is a network camera produced by Xiamen PulseVision Digital Technology Co. MileSight camera has a default SSH root user vulnerability. An attacker can use the vulnerability to log in to the device via root and obtain the highest privileges of the device...
CVE-2016-4474
The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 Liberty director and Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo director aka overcloud-full use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors...
CVE-2016-4474
The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 Liberty director and Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo director aka overcloud-full use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors...
CVE-2016-4474
The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 Liberty director and Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo director aka overcloud-full use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors...
FibeAir IP-10 Authentication Bypass
Credits: Ian Ling + Website: iancaling.com Vendor: ================= www.ceragon.com Product: ====================== -FibeAir IP-10 Vulnerability Type: =================== Default Root Account CVE Reference: ============== N/A Vulnerability Details: ===================== Ceragon FibeAir IP-10...
overcloud-full: Default root password set
An issue was discovered in the image build process for the overcloud images, as used by director, resulting in all previous images to have a default root password of "rootpw". Remote root access via SSH is disabled by default...
overcloud-full: Default root password set
An issue was discovered in the image build process for the overcloud images, as used by director, resulting in all previous images to have a default root password of "rootpw". Remote root access via SSH is disabled by default...
CVE-2016-4474
An issue was discovered in the image build process for the overcloud images, as used by director, resulting in all previous images to have a default root password of "rootpw". Remote root access via SSH is disabled by default...
The vulnerability of the Zhuhai RaySharp video surveillance software allows a intruder to gain access to protected information.
The software of the video surveillance device Zhuhai RaySharp has a default root user password. Exploiting this vulnerability allows a malicious actor to gain access to protected information via the TCP port 23 or 9000...
Cisco Nexus 3000/3500 Switch Default Credentials Vulnerability
Cisco Nexus is Cisco's family of network switches designed for data centers. A security vulnerability exists in NX-OS on Cisco Nexus 3000 series switches and Cisco Nexus 3500 platform switches, which originates from a user account that is created during installation and cannot be deleted or...
OpenELEC and RasPlex have a hard-coded SSH root password
Overview OpenELEC and derivatives utilize a hard-coded default root password, and enable SSH root access by default. Description CWE-259: Use of Hard-coded Password OpenELEC has a hard-coded root password. The root partition is by default read-only, preventing a user from changing the password on...
FingerTec Fingerprint Reader - Remote Access and Remote Enrolment
FingerTec Fingerprint Reader - Remote Access and Remote Enrolment Exploit Title: Default Root Password and Remote Enrollment on FingerTec Devices Date: 12-01-2016 Exploit Author: Daniel Lawson Contact: http://twitter.com/fang0654 Website: https://digital-panther.com Category: physical access...
FingerTec Fingerprint Reader - Remote Access and Remote Enrolment
Exploit Title: Default Root Password and Remote Enrollment on FingerTec Devices Date: 12-01-2016 Exploit Author: Daniel Lawson Contact: http://twitter.com/fang0654 Website: https://digital-panther.com Category: physical access control 1. Description Almost all FingerTec Access Control devices are...
ZTE ZXHN H108N R1A Default Account Privilege Bypass Vulnerability
The ZTE ZXHN H108N R1A is a wireless router product from China's ZTE Corporation. ZTE ZXHN H108N R1A ZTE.bhs.ZXHNH108NR1A.hPE The root account uses the 'root' password, which can be exploited by a remote attacker to take full control of the device when the system is enabled with Telnet service...
Grandstream GXV3275 1.0.3.30 - Multiple Vulnerabilities
Grandstream GXV3275 1.0.3.30 - Multiple Vulnerabilities The Grandstream GXV3275 is an Android-based VoIP phone. Several vulnerabilities were found affecting this device. The device ships with a default root SSH key, which could be used as a backdoor: /system/root/.ssh cat authorizedkeys Public ke...