Lucene search
K

8085 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.5 views

CVE-2025-1393

An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product...

9.8CVSS7.6AI score0.00544EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:8 a.m.6 views

CVE-2024-2161

Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227...

9.8CVSS7AI score0.00906EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.9 views

PT-2026-1683

Name of the Vulnerable Software and Affected Versions INIM Electronics Smartliving SmartLAN/G/SI versions 6.x and earlier Description The Smartliving SmartLAN/G/SI software contains hard-coded credentials within its Linux distribution image. These credentials cannot be altered through standard...

9.3CVSS7AI score0.00366EPSS
Exploits0References7
Veracode
Veracode
added 2026/01/06 8:18 a.m.6 views

Use Of A Hard-Coded Cryptographic Key

org.apache.streampark, streampark is vulnerable to Use of a Hard-Coded Cryptographic Key. The vulnerability is due to the use of a fixed, immutable encryption key in the application, which allows an attacker to recover the key through code analysis and decrypt sensitive data or forge encrypted...

9.8CVSS6.7AI score0.00448EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.4 views

WordPress plugin Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin 安全特征问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin...

6.5CVSS6.4AI score0.00182EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/05 8:25 p.m.2 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the interactive installer process. An attacker can gain unauthorized remote access to the host system by exploiting the default administrative credentials over SSH before the password is reset. This is...

9.8CVSS7.1AI score0.00473EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/01 1:10 a.m.15 views

CVE-2025-15371

A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. T...

8.5CVSS6.5AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 9:30 p.m.5 views

EUVD-2025-206080

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...

9.3CVSS6.9AI score0.00282EPSS
Exploits1References5
NVD
NVD
added 2025/12/31 7:15 p.m.5 views

CVE-2021-47744

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...

9.3CVSS0.00282EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/31 6:39 p.m.5 views

CVE-2021-47744 Cypress Solutions CTM-200/CTM-ONE 1.3.6 Hard-coded Credentials Remote Root

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...

9.3CVSS7AI score0.00282EPSS
Exploits1References4
CVE
CVE
added 2025/12/31 6:39 p.m.11 views

CVE-2021-47744

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains a hard-coded credentials issue in its Linux distribution, exposing remote root access via the static password 'Chameleon' over Telnet or SSH. Public sources note potential remote root compromise for affected devices; CVSS metrics in the entry indic...

9.3CVSS7AI score0.00282EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/31 6:39 p.m.24 views

CVE-2021-47744 Cypress Solutions CTM-200/CTM-ONE 1.3.6 Hard-coded Credentials Remote Root

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...

9.3CVSS0.00282EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/31 3:30 a.m.3 views

EUVD-2025-205867

A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. T...

8.5CVSS6.2AI score0.00118EPSS
Exploits0References12
NVD
NVD
added 2025/12/31 1:15 a.m.8 views

CVE-2025-15371

A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. T...

8.5CVSS0.00118EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2025/12/31 1:2 a.m.4 views

CVE-2025-15371 Tenda i24 Shadow File hard-coded credentials

A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. T...

8.5CVSS6.3AI score0.00118EPSS
Exploits0References11
CVE
CVE
added 2025/12/31 1:2 a.m.60 views

CVE-2025-15371

Affected products: Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to version 65.10.15.6. Root cause: manipulation of the Shadow File component via input Fireitup, enabling hard-coded credentials. Local access required. Public exploit details exist. Remediation: upgrade to a...

8.5CVSS6.3AI score0.00118EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/12/31 1:2 a.m.35 views

CVE-2025-15371 Tenda i24 Shadow File hard-coded credentials

A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. T...

8.5CVSS0.00118EPSS
Exploits0References11
EUVD
EUVD
added 2025/12/31 12:31 a.m.3 views

EUVD-2023-60534

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

9.3CVSS7AI score0.00577EPSS
Exploits2References7
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.14 views

PT-2025-54267

Name of the Vulnerable Software and Affected Versions Tenda i24 versions prior to 65.10.15.7 Tenda 4G03 Pro versions prior to 65.10.15.7 Tenda 4G05 versions prior to 65.10.15.7 Tenda 4G08 versions prior to 65.10.15.7 Tenda G0-8G-PoE versions prior to 65.10.15.7 Tenda Nova MW5G versions prior to...

8.5CVSS7.5AI score0.00118EPSS
Exploits0References16
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.5 views

Tenda多款产品 信任管理问题漏洞

Tenda i24 and others are products of Tenda, a Chinese company. tenda i24 is a wireless router. tenda 4G03 is a wireless router tenda 4G05 is a wireless router. A trust management issue vulnerability exists in various Tenda products.The vulnerability stems from incorrect operation of the Shadow Fi...

8.5CVSS7.7AI score0.00118EPSS
Exploits0References11
Rows per page
Query Builder