38 matches found
EUVD-2008-6540
Malware in sbrugna...
EUVD-2015-3984
Malware in sbrugna...
EUVD-2018-7590
Malware in sbrugna...
EUVD-2024-41408
Malicious code in bioql PyPI...
Sitecore Experience Platform和Sitecore Experience Manager 信任管理问题漏洞
Sitecore Experience Platform XP and Sitecore Experience Manager XM are both products of Sitecore, Denmark.Sitecore Experience Platform is a suite of customer digital experience platforms.Sitecore Sitecore Experience Platform is a customer digital experience platform and Sitecore Experience Manage...
CVE-2023-48250
The vulnerability allows a remote attacker to authenticate to the web application with high privileges through multiple hidden hard-coded accounts...
CVE-2024-45275
The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices...
PT-2024-31530 · Helmholz +1 · Rex100 +3
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The devices contain two hard-coded user accounts with hardcoded passwords, allowing an unauthenticated remote attacker to gain full control of the...
CVE-2023-48250
The vulnerability allows a remote attacker to authenticate to the web application with high privileges through multiple hidden hard-coded accounts...
CVE-2023-48250
The vulnerability allows a remote attacker to authenticate to the web application with high privileges through multiple hidden hard-coded accounts...
CVE-2023-48250
CVE-2023-48250 affects Bosch Nexo devices; vulnerable component is the web authentication layer with hard-coded hidden accounts, enabling remote authentication with high privileges. Documents mention NEXO-OS and Bosch Nexo cordless nutrunner as affected, with the root cause cited as multiple hard...
SpotCam Sense 信任管理问题漏洞
SpotCam Sense is a camera from SpotCam. The SpotCam FHD 2 1.0036 firmware version has a trust management issue vulnerability that originates from the Telnet function using hard-coded Telnet accounts, which can be exploited by an attacker to log in to the system and gain administrative access to a...
CVE-2019-10881
Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled...
Xerox AltaLink 信任管理问题漏洞
Xerox AltaLink is a hardware device from the American Xerox Xerox company. It provides a print-copy function. A security vulnerability exists in Xerox AltaLink versions prior to 103.xxx.030.32000, which stems from including two accounts with weakly hard-coded passwords that can be exploited and...
vxhunter
This is an offensive tool for embedded device analysis. It is a toolset for VxWorks based embedded device analyses, specifically designed for analyzing VxWorks firmware. The toolset includes plugins written in Python for analyzing firmware loading address, fixing function names with symbol tables...
D-Link DSL-2640B B2 Trust Management Issue Vulnerability
The D-Link DSL-2640B B2 is a wireless router from AUO D-Link of Taiwan, China. A security vulnerability exists in the D-Link DSL-2640B B2 EU4.01B version, which comes with hard-coded accounts in the router. The vulnerability can be exploited by an attacker to log in to the management interface,...
CVE-2015-3953
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...
CVE-2015-3953
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...
CVE-2018-15720
Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API...
CVE-2018-15720
Affected product: Logitech Harmony Hub. Vulnerability: hard-coded XMPP accounts in the hub’s XMPP server allow remote, unauthenticated access to the local API. Root cause: exposed credentials baked into the firmware prior to 4.15.206. Impact: potential remote control of the hub APIs; effect on co...