79 matches found
CVE-2020-12734
DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Default settings...
CVE-2020-12047
The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...
Hardcoded credentials
The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...
CVE-2020-1615
The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX instance without authorization. This issue...
D-Link DIR-823G Denial of Service Vulnerability
The D-Link DIR-823G is a wireless router from AUO D-Link of Taiwan, China. An access control error vulnerability exists in /bin/goahead in the D-Link DIR-823G with firmware version 1.02B03. An attacker can exploit this vulnerability to reset the router without authentication, resulting in a denia...
Unspecified Vulnerability in Dynacolor FCM-MB4
Dynacolor FCM-MB40 is an IP camera from Dynacolor, Taiwan, China. A security vulnerability exists in the Dynacolor FCM-MB40 v1.2.0.0, which originates from the /usr/sbin/default.sh and /usr/apache/htdocs/cgi-bin/admin/hardfactorydefault.cgi files failing to execute the full factory settings...
CVE-2019-7389
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a denial-of-service attack...
Naming & Shaming Web Polluters: Xiongmai
What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai -- a Chinese maker of electronic parts th...
CVE-2017-5237
Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's phone number can revert the device to a factory default configuration with an SMS command, "RESET!"...
CVE-2017-5237
Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's phone number can revert the device to a factory default configuration with an SMS command, "RESET!"...
CVE-2017-5237
CVE-2017-5237 affects the Eview EV-07S GPS Tracker. The issue stems from a lack of authentication, allowing an unauthenticated user who knows the device’s phone number to revert it to factory default via an SMS command (“RESET!”). This corresponds to a high impact on availability (CVSSv3: 7.5) wi...
Hacker Breaks into Political Party's Video Conference System; Could Spy, too!
A critical flaw in the video conferencing software of the Quebec Liberal Party PLQ − a Canadian federalist provincial political party − allowed a user to spy on and hear the strategy discussions of the party at its premises and even access the live video camera feeds. But luckily, the unknown whi...
How to Restore NetScaler SDX to Factory Default Settings
This article describes how to restore NetScaler SDX to factory default settings. Important Points to Note 1. The procedure mentioned in this article is for troubleshooting or a last resort step only. The recommend procedure to restoreNetScaler SDX to factory default settings is using SVM GUI . 2...
CVE-2014-7233
GE Healthcare Precision THUNIS-800+ has a default password of 1 1973 for the factory default System Utilities menu, 2 TH8740 for installation using TH8740122Setup.exe, 3 hrml for "Setup and Activation" using DSASetup, and 4 an empty string for Shutter Configuration, which has unspecified impact a...
CVE-2013-7183
cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote attackers to 1 cause a denial of service reboot via a defaultreboot action or 2 reset all configuration values via a factorydefault action...
Google Chrome added pop-up warning to prevent users from Browser hijacking
GOOGLE, one of the most trusted brands continuously trying to keep its products more robust and secure for keeping its users safe. Google honors vulnerability hunters under its Bug bounty program and not only that, the company also offer a huge amount of reward to hackers in 'Pwnium' hacking...
Juniper Junos load factory-default Privilege Escalation (PSN-2012-07-646)
According to its self-reported version number, the remote Junos device has a privilege escalation vulnerability. When the 'load factory-default' command fails in exclusive edit mode, the user is no longer subject to any command or configuration restrictions. C Tenable Network Security, Inc...
CSRF vulnerabilities in ADSL modem Callisto 821+
Hello 3APA3A! I want to warn you about security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Cross-Site Request Forgery vulnerabilities. In April I've already drew attention of Ukrtelecom's representative and this modem was bough at Ukrtelecom about multiple...
CVE-2003-1346
D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager...