Lucene search
K

1119 matches found

ATTACKERKB
ATTACKERKB
added 2022/04/06 10:15 a.m.6 views

CVE-2022-23440

A use of hard-coded cryptographic key vulnerability CWE-321 in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment...

7.8CVSS7.1AI score0.0019EPSS
Exploits0References2
OSV
OSV
added 2022/04/06 10:15 a.m.7 views

CVE-2022-23440

A use of hard-coded cryptographic key vulnerability CWE-321 in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment...

7.8CVSS7.1AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/06 9:30 a.m.25 views

CVE-2022-23440

A use of hard-coded cryptographic key vulnerability CWE-321 in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment...

7.8CVSS7.6AI score0.0019EPSS
Exploits0References1
OSV
OSV
added 2022/04/06 9:15 a.m.5 views

CVE-2022-23441

A use of hard-coded cryptographic key vulnerability CWE-321 in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors...

9.1CVSS7.3AI score0.00897EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/06 9:15 a.m.6 views

CVE-2022-23441

A use of hard-coded cryptographic key vulnerability CWE-321 in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors...

9.1CVSS7.3AI score0.00897EPSS
Exploits0References2
OSV
OSV
added 2022/03/18 6:15 p.m.4 views

CVE-2020-25193

By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection...

5.3CVSS5.8AI score0.00825EPSS
Exploits0References2
CVE
CVE
added 2022/03/07 9:49 p.m.105 views

CVE-2022-25217

CVE-2022-25217 involves hard-coded RSA keys in telnetd_startup on Phicomm/K2 and K3C firmware. A local attacker within the LAN can obtain a root shell by leveraging the leaked private key to trigger telnetd_startup via scripted UDP exchanges, spawning an unauthenticated root telnet shell. Concret...

7.8CVSS7.6AI score0.00324EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/02/19 12:1 a.m.52 views

GHSA-6RRW-4FM9-RGHV Use of Hard-coded Cryptographic Key in Netmaker

Netmaker prior to versions 0.8.5, 0.9.4, 0.10.0, and 0.10.1 uses a hard-coded cryptographic key...

8.8CVSS9.3AI score0.01714EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/02/18 10:0 p.m.8 views

CVE-2022-23650 Use of Hard-coded Cryptographic Key in Netmaker

Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. Prior to versions 0.8.5, 0.9.4, and 010.0, there is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server if the exploiter know the address and...

7.2CVSS7.5AI score0.01556EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/02/18 2:15 p.m.7 views

CVE-2022-0664

Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5,0.9.4,0.10.0,0.10.1...

10CVSS7.6AI score0.01714EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/02/18 12:0 a.m.4 views

PT-2022-13342

Name of the Vulnerable Software and Affected Versions Netmaker versions prior to 0.8.5 Netmaker versions prior to 0.9.4 Netmaker versions prior to 0.10.0 Netmaker versions prior to 0.10.1 Description The issue is related to the use of a hard-coded cryptographic key in Netmaker. This could...

10CVSS7.3AI score0.01714EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2022/02/18 12:0 a.m.5 views

PT-2022-16161

Name of the Vulnerable Software and Affected Versions Netmaker versions prior to 0.8.5 Netmaker versions prior to 0.9.4 Netmaker versions prior to 0.10.0 Description The issue is related to a hard-coded cryptographic key in the code base of Netmaker, a platform for creating and managing virtual...

9CVSS7.3AI score0.01556EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2022/02/17 7:15 p.m.5 views

CVE-2021-46247

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00...

7.5CVSS7.2AI score0.01178EPSS
Exploits1References2
OSV
OSV
added 2022/02/17 7:15 p.m.4 views

CVE-2021-46247

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00...

7.5CVSS7.1AI score0.01178EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/02/17 12:0 a.m.2 views

Asus CMAX6000 安全漏洞

The ASUS Cmax6000 is a 4x4 dual-band Wifi cable modem router from Asus China. A security vulnerability exists in ASUS CMAX6000 v1.02.00, which can be exploited by an attacker to recover encrypted data via a hard-coded key...

7.5CVSS5.6AI score0.01178EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/02/01 12:0 a.m.6 views

Advantech 信任管理问题漏洞

Advantech, an application of Advantech China, provides intelligent electric bus management systems. A trust management issue vulnerability exists in Advantech ADAM-3600, which stems from a hard-coded private key available in the project folder, and can be exploited by an attacker to achieve Web...

9.8CVSS5.6AI score0.01211EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/01/31 12:0 a.m.4 views

PrinterLogic Web Stack 信任管理问题漏洞

PrinterLogic Web Stack PrinterLogic Printer Installer is a native web application from PrinterLogic, Inc. Enables It departments to manage and automate the creation/dissemination of Printer Objects and Printer Drivers across print environments from a single management console. A trust management...

9.3CVSS8.5AI score0.05524EPSS
Exploits1References8
CNNVD
CNNVD
added 2022/01/26 12:0 a.m.8 views

Reolink RLC-410W 信任管理问题漏洞

Reolink Rlc-410W is a Wifi security camera from Reolink China.A security vulnerability exists in the TLS hard-coded key of Reolink RLC-410W v3.0.0.13620121102, which can be exploited by attackers to obtain sensitive information...

7.5CVSS5.5AI score0.0089EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/01/17 10:15 a.m.10 views

CVE-2022-0131

Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

3.3CVSS5.4AI score0.00203EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/01/17 10:15 a.m.6 views

CVE-2022-0131

Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

3.3CVSS5.8AI score0.00203EPSS
Exploits0References1
Rows per page
Query Builder