Lucene search
K

1118 matches found

ATTACKERKB
ATTACKERKB
added 2017/09/20 4:29 p.m.4 views

CVE-2017-9649

A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants including RSD31-AM Package, DRM-1/2 and variants including Solar PWR Package, DRM and RDS Based Boundary Monitors, External...

5.4CVSS5.5AI score0.00464EPSS
Exploits0References3
CNVD
CNVD
added 2017/08/29 12:0 a.m.5 views

Multiple Westermo devices hard-coded to use encryption key vulnerability

The Westermo MRD-305-DIN, MRD-315 and MRD-355 are all router products from Westermo, Sweden. A security vulnerability exists in multiple Westermo devices. An attacker could exploit the vulnerability to decode traffic from other sources...

7.5CVSS7.8AI score0.01532EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/26 12:0 a.m.5 views

Multiple Westermo Routers Hardcoded Password Vulnerability

The RD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. Multiple Westermo routers are vulnerable to a hard-coded password vulnerability where the device uses a hard-coded special key that allows an attacker to decrypt traffic from any other source...

7.1AI score
Exploits0References1
OSV
OSV
added 2017/04/26 2:59 p.m.3 views

CVE-2017-6054

A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user information...

7.5CVSS5.8AI score0.02096EPSS
Exploits0References3
CNVD
CNVD
added 2017/04/12 12:0 a.m.5 views

Hardcoded Credentials Vulnerability in Multiple Foscam Devices

Foscam is the world's leading provider of home security IP cameras. A security vulnerability exists in the use of the same hard-coded SSL private key for Foscam networked devices across different customer installations. A remote attacker could utilize another installation with knowledge of this k...

8.1CVSS6.9AI score0.01682EPSS
Exploits0References1
CNVD
CNVD
added 2017/04/06 12:0 a.m.5 views

Schneider Modicon M221CE16R Hard-Coded Vulnerability

The Modicon M221CE16R is an all-in-one programmable controller from Schneider Electric Co. The Schneider Modicon M221CE16R is vulnerable to a hard-coded vulnerability where XML files are AES-CBC encrypted, but the key used for encryption is hard-coded and cannot be changed. After decrypting the X...

7AI score
Exploits0References1
CNVD
CNVD
added 2017/02/28 12:0 a.m.3 views

Red Lion Controls Sixnet-Managed Industrial Switches and Stride-Managed Ethernet Switches Hard-Coded Encryption Key Vulnerability

Red Lion Controls Sixnet-Managed Industrial Switches and Stride-Managed Ethernet Switches are both industrial Ethernet managed switches from Red Lion Controls, USA. A hard-coded encryption key vulnerability exists in Red Lion Controls Sixnet-Managed Industrial Switches version 5.0.196 and earlier...

6.8AI score
Exploits0References1
OSV
OSV
added 2017/02/13 9:59 p.m.4 views

CVE-2016-9353

An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The admin password is stored in the system and is encrypted with a static key hard-coded in the program. Attackers could reverse the admin account password for use...

7.8CVSS5.8AI score0.00387EPSS
Exploits0References2
CNVD
CNVD
added 2017/01/11 12:0 a.m.4 views

D-Link DGS-1100 Switch Local Hardcoded SSL Certificate Vulnerability

The D-Link DGS-1100 is an Ethernet switch from AUO D-Link. A security vulnerability exists in D-Link DGS-1100 devices using firmware version 1.01.018, which originates from a program using a hard-coded SSL private key. An attacker can exploit the vulnerability by hijacking an HTTPS session to...

8.1CVSS6.8AI score0.01169EPSS
Exploits1References1
CNVD
CNVD
added 2016/12/16 12:0 a.m.4 views

SAP Download Manager Information Disclosure Vulnerability

SAP Download Manager is the German SAP SAP company developed a set of Java applications for downloading software packages and support comments. A security vulnerability exists in SAP Download Manager version 2.1.142 and prior versions, which arises from the program's use of a hard-coded encryptio...

4.7CVSS6.3AI score0.00288EPSS
Exploits1References1
CNVD
CNVD
added 2016/12/03 12:0 a.m.4 views

Advantech SUSIAccess Server Local Elevation of Privilege Vulnerability

SUSIAccess is an easy-to-use remote device management software solution. A local elevation of privilege vulnerability exists in Advantech SUSIAccess Server. Since the admin password is stored on the system and encrypted using a hard-coded static key in the program. An attacker can exploit the...

7.8CVSS7AI score0.00387EPSS
Exploits0References1
CNVD
CNVD
added 2015/06/09 12:0 a.m.3 views

SysAid Help Desk Hardcoded Key Vulnerability

SysAid Help Desk is a suite of Web-based IT management software. SysAid Help Desk has a built-in hard-coded vulnerability that could be exploited by a remote attacker to gain unauthorized access to the key...

5CVSS7.1AI score0.26349EPSS
Exploits7References1
Tenable Nessus
Tenable Nessus
added 2014/04/02 12:0 a.m.25 views

Jenkins HP Application Automation Tools Plugin Password Encryption Security Weakness

The remote host is using the Jenkins HP Application Automation tools plugin. Nessus was able to remotely access one or more unprotected files in the Jenkins build system and decrypt the HP Application Lifecycle Management password. These passwords are currently encrypted with a known, hard-coded...

5.5AI score
Exploits0References1
securityvulns
securityvulns
added 2013/10/09 12:0 a.m.63 views

Two Instagram Android App Security Vulnerabilities

Affected app: Instagram for Android Affected versions: 4.0.2 and 4.1.2, probably also earlier versions as well as iOS affected. Summary After the Instagram iOS vulnerability discovered last year 1, the app's HTTP API has been extended with a cryptographic authentication for changes like "likes" a...

Exploits0
AlpineLinux
AlpineLinux
added 2008/08/14 8:0 p.m.6 views

CVE-2008-2369

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements...

9.1CVSS5.9AI score0.03283EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2008/08/13 2:17 p.m.9 views

Satellite: information disclosure via manzier.pxt RPC script

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements...

9.1CVSS7.4AI score0.03283EPSS
Exploits1References4
securityvulns
securityvulns
added 2007/08/06 12:0 a.m.28 views

TBDev torrent tacker script backdoor - FAKE

On connection with hard coded key with hash "0bffd3d87e7267c7fe686e20acbee7ab" all database tables are dropped...

0.5AI score
Exploits0References1Affected Software1
CVE
CVE
added 2002/10/03 4:0 a.m.51 views

CVE-2002-0706

CVE-2002-0706 affects SurfControl SuperScout WebFilter’s Web Reports Server, specifically the UserManager.js component. The root cause is the use of weak encryption for administrator functions, with a hard-coded key inside a JavaScript function, enabling decryption of the admin password. This all...

7.5CVSS6.9AI score0.00984EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder