121 matches found
CVE-2018-18929
The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a default local administrator username and password. This can be found by a limited user account in an "unattend.xml" file left over on the C: drive from the Sysprep process. An attacker with this username a...
CVE-2019-5635
A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC. Captured data reveals that the Hickory Smart Ethernet Bridge device communicates over the network to an MQTT broker without using encryption. This exposed the...
Default credentials
A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC. Captured data reveals that the Hickory Smart Ethernet Bridge device communicates over the network to an MQTT broker without using encryption. This exposed the...
CVE-2019-5635 Hickory Smart Lock Cleartext Password
A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC. Captured data reveals that the Hickory Smart Ethernet Bridge device communicates over the network to an MQTT broker without using encryption. This exposed the...
CVE-2019-11081
A default username and password in Dentsply Sirona Sidexis 4.3.1 and earlier allows an attacker to gain administrative access to the application server...
CVE-2019-11081
A default username and password in Dentsply Sirona Sidexis 4.3.1 and earlier allows an attacker to gain administrative access to the application server...
Cisco Issues New Warning for 6-Month-Old Critical Bug in IOS XE
UPDATE Cisco Systems has issued a second warning for a critical static credential bug in its IOS XE software, which allows an unauthenticated attacker to gain access to targeted systems. The security bulletin comes more than six months after the company initially reported the bug and provided a...
CVE-2018-0150
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot, aka a Static Credential Vulnerability. The vulnerability is due...
Cisco Patches Two Critical RCE Bugs in IOS XE Software
Three critical vulnerabilities were patched by Cisco Systems on Wednesday, each tied to the company’s widely used internetworking operating system IOS XE. Two of the bugs are remote code execution vulnerabilities that could allow an attacker to take control over affected systems. The critical bug...
Cisco IOS XE Software Static Credential Vulnerability
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot. The vulnerability is due to an undocumented user account with...
Asus Faces 20 years of Audits Over Poor Wi-Fi Router Security
Currently, Asus is undergoing through a troublesome situation after a lawsuit had been filed by the US Federal Trade Commission FTC regarding its Router Insecurity. On Tuesday, FTC settled charges with Asus, where the hardware manufacturing company agrees to: Undergo Independent Security Audits...
American Internet Emergency Response Center CERT: Seagate wireless hard drive to a vulnerability-vulnerability warning-the black bar safety net
! American Internet emergency center released a on Seagate wireless hard drive with a warning, because the products were found to have multiple vulnerabilities could be exploited by attackers to download to disk all of the files. The default“root”login American Internet emergency center noted:...
CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution
Exploit for php platform in category web applications Exploit Title: CIK Telecom VoIP router SVG6000RW Privilege Escalation and Command Execution Date: 2014/12/10 Exploit Author: Chako Vendor Homepage: https://www.ciktel.com/ Description: CIK Telecom VoIP router SVG6000RW has a Privilege Escalati...
CIK Telecom VoIP Router SVG6000RW - Privilege Escalation / Command Execution
Exploit Title: CIK Telecom VoIP router SVG6000RW Privilege Escalation and Command Execution Date: 2014/12/10 Exploit Author: Chako Vendor Homepage: https://www.ciktel.com/ Description: CIK Telecom VoIP router SVG6000RW has a Privilege Escalation vulnerabilitie and can lead to Command Execution...
CIK Telecom SVG6000RW Default Account / Command Execution
Exploit Title: CIK Telecom VoIP router SVG6000RW Privilege Escalation and Command Execution Date: 2014/12/10 Exploit Author: Chako Vendor Homepage: https://www.ciktel.com/ Description: CIK Telecom VoIP router SVG6000RW has a Privilege Escalation vulnerabilitie and can lead to Command Execution...
Internet Security Systems ICECap Manager 2.0.23 Default Username and Password
No description provided by source. source: http://www.securityfocus.com/bid/1216/info ICECap Manager is a management console for BlackICE IDS Agents and Sentries. By default, ICECap Manager listens on port 8081, transmits alert messages to another server on port 8082, and has an administrative...
Novell Groupwise 5.5/6.0 Servlet Gateway Default Authentication Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3697/info Novell Groupwise Servlet Gateway is a product that allows Java servlets to be run with NetWare, using Novell JVM for NetWare v1.1.7b and NetWare Enterprise Web Server. A remote attacker may gain access to the...
CVE-2013-6884
The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges...
CVE-2013-6884
The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges...
CVE-2013-5430
The Jazz Team Server component in IBM Security AppScan Enterprise 8.x before 8.8 has a default username and password, which makes it easier for remote authenticated users to obtain unspecified access to this component by leveraging this credential information in an environment with applicable...