EUVD-2023-28218

Malicious code in bioql PyPI...

CVE-2023-24149

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored in the component /etc/shadow...

CVE-2023-24155

TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is stored in the component /webcste/cgi-bin/product.ini...

Design/Logic Flaw

TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is stored in the component /webcste/cgi-bin/product.ini...

CVE-2023-24155

TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is stored in the component /webcste/cgi-bin/product.ini...

CVE-2023-24147

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini...

CVE-2023-24155

CVE-2023-24155 affects TOTOLINK T8 (V4.1.5cu). The issue is a hard-coded password for the Telnet service stored in the component /web_cste/cgi-bin/product.ini. The impact is described as high/critical with CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (network access, no user interaction, unauth...

CVE-2023-24149

CVE-2023-24149 affects TOTOLINK CA300-PoE, firmware version V6.2c.884, where a hard-coded root password is stored in /etc/shadow. The exposed credential leads to total impact on confidentiality, integrity, and availability (CVSS v3.1: 9.8, NETWORK attack vector, no user interaction; privileges re...

CVE-2022-34993

Totolink A3600RFirmware V4.1.2cu.5182B20201102 contains a hard code password for root in /etc/shadow.sample...

CVE-2022-34993

Totolink A3600RFirmware V4.1.2cu.5182B20201102 contains a hard code password for root in /etc/shadow.sample...

CVE-2022-23402

The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00...

CVE-2022-23402

CVE-2022-23402 affects Yokogawa CENTUM VP (R5.01.00–R5.04.20; R6.01.00–R6.08.00) and Exaopc (R3.72.00–R3.79.00) where CAMS server applications hard-code a password. This can enable unauthorized access to files/shared memory, potentially disrupting alarms or compromising server functions. Mitigati...

CVE-2021-35965 Learningdigital.com, Inc. Orca HCM - Hard-code password

The Orca HCM digital learning platform uses a weak factory default administrator password, which is hard-coded in the source code of the webpage in plain text, thus remote attackers can obtain administrator’s privilege without logging in...

CVE-2020-12035

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The PrismaFlex device contains a hard-coded service password that provides access to biomedical information, device settings, calibration settings, and network configuration. This could allow an attacker to modify device settings...