25 matches found
EUVD-2009-0624
Malware in sbrugna...
EUVD-2004-1688
Malware in sbrugna...
EUVD-2002-1618
Malware in sbrugna...
EUVD-2007-5358
Malware in sbrugna...
EUVD-2002-0307
Malware in sbrugna...
EUVD-2009-0619
Malware in sbrugna...
CVE-2009-0621
Cisco ACE 4710 Application Control Engine Appliance before A18a uses default 1 usernames and 2 passwords for a the administrator, b web management, and c device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or...
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval', 'Description' = %q| This module identifies IPMI 2.0-compatible systems and attempts to retrie...
Mitigating Attacks Against Uninterruptable Power Supply Devices
CISA and the Department of Energy DOE are aware of threat actors gaining access to a variety of internet-connected uninterruptable power supply UPS devices, often through unchanged default usernames and passwords. Organizations can mitigate attacks against their UPS devices, which provide emergen...
Hackers are exploiting a new zero-day flaw in GPON routers
Even after being aware of various active cyber attacks against the GPON Wi-Fi routers, if you haven't yet taken them off the Internet, then be careful—because a new botnet has joined the GPON party, which is exploiting an undisclosed zero-day vulnerability in the wild. Security researchers from...
Hacking Traffic Lights is Amazingly Really Easy
Hacking Internet of Things IoTs have become an amazing practice for cyber criminals out there, but messing with Traffic lights would be something more crazy for them. The hacking scenes in hollywood movies has just been a source of entertainment for the technology industry, like we've seen traffi...
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
This module identifies IPMI 2.0-compatible systems and attempts to retrieve the HMAC-SHA1 password hashes of default usernames. The hashes can be stored in a file using the OUTPUTFILE option and then cracked using hmacsha1crack.rb in the tools subdirectory as well hashcat cpu 0.46 or newer using...
Camtron CMNC-200 IP Camera - Undocumented Default Accounts
Finding 4: Undocumented Default Accounts CVE: CVE-2010-4233 The CMNC-200 IP Camera has undocumented default accounts on its Linux operating system. These accounts can be used to login via the cameras telnet interface, which cannot be normally disabled. The usernames and passwords are listed below...
CVE-2009-0616
Cisco Application Networking Manager ANM before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via configuration changes, related to "default user credentials during installation."...
Design/Logic Flaw
Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A21.1 uses default 1 usernames and 2 passwords for a the administrator and b web management, which makes it easier for remote attackers to perform configuration changes or obtain operating-system access...
CVE-2009-0616
Cisco Application Networking Manager ANM before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via configuration changes, related to "default user credentials during installation."...
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Document ID: 109450 Advisory ID: cisco-sa-20090225-ace...
CVE-2007-5382
The conversion utility for converting CiscoWorks Wireless LAN Solution Engine WLSE 4.1.91.0 and earlier to Cisco Wireless Control System WCS creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges...
CVE-2007-5382
The conversion utility for converting CiscoWorks Wireless LAN Solution Engine WLSE 4.1.91.0 and earlier to Cisco Wireless Control System WCS creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges...
CVE-2002-1637
Multiple components in Oracle 9i Application Server 9iAS are installed with over 160 default usernames and passwords, including 1 SYS, 2 SYSTEM, 3 AQJAVA, 4 OWA, 5 IMAGEUSER, 6 USER1, 7 USER2, 8 PLSQL, 9 DEMO, 10 FINANCE, and many others, which allows attackers to gain privileges...