323 matches found
CVE-2025-13954
Summary: EZCast Pro II Admin UI (version 1.17478.146) exposes hard-coded cryptographic keys, allowing bypass of authorization checks and granting full admin UI access. Affected product/component: EZCast Pro II Admin UI. Root cause: hard-coded cryptographic keys in the Admin UI. Impact: unauthoriz...
CVE-2025-13954
Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI...
CVE-2025-13954 Hard-coded cryptographic keys in EZCast Pro II Dongle
Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI...
CVE-2025-13954 Hard-coded cryptographic keys in EZCast Pro II Dongle
Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI...
PT-2025-50309
Name of the Vulnerable Software and Affected Versions EZCast Pro II version 1.17478.146 Description The Admin UI contains hard-coded cryptographic keys. This allows attackers to bypass authorization checks and gain full access to the admin UI. Recommendations Update to a newer version that does n...
goaway 安全漏洞
goaway is a DNS blackhole software by Hugo Personal Developer. A security vulnerability exists in versions prior to goaway 0.62.19, which stems from the use of hard-coded key signing JWT tokens, which could lead to authentication bypass...
Advantech WISE-DeviceOn Server 安全漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a hard-coded encryption key vulnerability that can be exploited by an attacker to impersonate an arbitrary account...
Go Ldap Admin 安全漏洞
Go Ldap Admin is an openLDAP backend management project based on Go+Vue implementation organized by China opsre. A security vulnerability exists in Go Ldap Admin 20251011 and earlier versions, which originates from the use of hard-coded encryption keys by the JWT Handler component in the...
CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞
The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v9.0.2, which stems from the firmware containing hard-coded keys that could lead to bypassing access...
motogadget mo.lock Ignition Lock 安全漏洞
The motogadget mo.lock Ignition Lock is an electronic ignition lock and anti-theft system for motorcycles from the German company motogadget. A security vulnerability exists in motogadget mo.lock Ignition Lock 20251125 and earlier versions, which stems from the use of hard-coded encryption keys b...
CVE-2025-64304
"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...
Apache Syncope Trust Management Issues Vulnerability
Apache Syncope is the United States Apache Apache Foundation's set of open source digital identity management system for use in enterprise environments. The system supports identity management, role configuration and more. Apache Syncope has a trust management issue vulnerability that stems from...
CVE-2025-64304
"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...
"FOD" App uses hard-coded cryptographic keys
Overview "FOD" App provided by Fuji Television Network, Inc. uses hard-coded cryptographic keys Use of hard-coded cryptographic key CWE-321 - CVE-2025-64304 The keys are used in the processing of JWT data. Impact The cryptographic keys may be retrieved. The developer considers that the impact is...
CVE-2025-64304
The CVE-2025-64304 entry concerns the FujiTV/FOD mobile app, which reportedly hard-codes cryptographic keys (CWE-321). A local, unauthenticated attacker may retrieve these keys from the app, as described in multiple sources. Documented impact centers on disclosure of cryptographic keys; the provi...
EUVD-2025-199539
"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...
CVE-2025-64304
"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...
CVE-2025-64304
"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...
FujiTelevison FOD app 安全漏洞
FujiTelevison FOD app is an on-demand mobile app from FujiTelevison Japan. A security vulnerability exists in the FujiTelevison FOD app that stems from the use of hard-coded encryption keys, which could lead to a local attacker obtaining the keys...
PT-2025-47986
"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...