CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...

6.3CVSS7.1AI score0.00029EPSS

Exploits1References4

RedhatCVE•added 2025/05/23 12:8 a.m.•3 views

CVE-2022-25806

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-byte DES key...

8.8CVSS6.9AI score0.0042EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:5 a.m.•3 views

CVE-2014-10069

Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the umauthaccountpassword field...

7.5CVSS6.6AI score0.05607EPSS

Exploits0References1

NVD•added 2022/06/09 4:15 a.m.•8 views

CVE-2022-25807

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte DES key...

5.5CVSS0.00051EPSS

Exploits1References2

OSV•added 2022/06/09 4:15 a.m.•0 views

CVE-2022-25806

8.8CVSS5.8AI score0.0042EPSS

Exploits1References2

Prion•added 2022/06/09 4:15 a.m.•14 views

Hardcoded credentials

2.1CVSS5.4AI score0.00051EPSS

Exploits1References2Affected Software1

Prion•added 2022/06/09 4:15 a.m.•7 views

Hardcoded credentials

6.5CVSS8.5AI score0.0042EPSS

Exploits1References2Affected Software1

CVE•added 2022/06/09 12:45 a.m.•65 views

CVE-2022-25806

IGEL UMS 6.07.100 contains a hardcoded DES key in PrefDBCredentials, enabling an attacker who has obtained encrypted superuser credentials to decrypt them with a static 8-byte DES key. This affects IGEL Universal Management Suite and allows confidentiality/integrity/availability impact as describ...

8.8CVSS8.5AI score0.0042EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/06/09 12:45 a.m.•12 views

CVE-2022-25807

5.7AI score0.00051EPSS

Exploits1References2

CVE•added 2022/06/09 12:45 a.m.•77 views

CVE-2022-25807

IGEL Universal Management Suite (UMS) 6.07.100 contains a hardcoded DES key in the LDAPDesPWEncrypter class. This allows an attacker who gains access to encrypted LDAP bind credentials to decrypt them using a static 8-byte DES key. The connected documents provide concrete details of the affected ...

5.5CVSS5.4AI score0.00051EPSS

Exploits1References2Affected Software1

CNNVD•added 2022/06/09 12:0 a.m.•2 views

IGEL Universal Management Suite 信任管理问题漏洞

The IGEL Universal Management Suite IGEL UMS is a single management solution from IGEL Germany. It can be used for up to tens of thousands of endpoints running IGEL OS. A security vulnerability exists in IGEL Universal Management Suite UMS version 6.07.100, which stems from a hard-coded DES key...

5.5CVSS5.7AI score0.00051EPSS

Exploits1References3

OSV•added 2019/09/16 5:15 p.m.•2 views

CVE-2019-13140

Inteno EG200 EG200-WU7P1UADAMO3.16.4-1902261650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP...

6.5CVSS6.7AI score

Exploits0References4

ATTACKERKB•added 2019/09/16 5:15 p.m.•2 views

CVE-2019-13140

6.5CVSS5.7AI score0.01158EPSS

Exploits5References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by