VulnCheck KEV: CVE-2019-3495

An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be...

CVE-2025-6982

Use of Hard-coded Credentials in TP-Link Archer C50 V3 = 180703/V4 = 250117 /V5 = 200407 , and C20 V5...

CVE-2025-53754

This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials in system configuration of the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to obtain the stored root...

CVE-2025-53842

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for...

CVE-2025-3621

Vulnerabilities in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems. vulnerabilities: Improper Neutralization of Special Elements used in a Command 'Command Injection' Use of Hard-coded Credentials Improper Authentication Binding to an...

Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to disclose sensitive information or edit configuration on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which...

Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hsqldb service, which listens on TCP po...

CVE-2025-6982

Use of Hard-coded Credentials in TP-Link Archer C50 V3 = 180703/V4 = 250117 /V5 = 200407 , and C20 V5 USV5260419 or EUV5260317 allows attackers to decrypt the config.xml files...

CVE-2025-6982

Use of Hard-coded Credentials in TP-Link Archer C50 V3 = 180703/V4 = 250117 /V5 = 200407 , and C20 V5...

CVE-2025-6982

CVE-2025-6982 affects TP-Link Archer C50 V3/V4/V5 firmware with hard-coded DES decryption keys, allowing offline decryption of config.xml and potential exposure of admin credentials and settings. Affected versions are V3 (<=180703), V4 (<=250117), and V5 (

CVE-2025-53754

This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials in system configuration of the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to obtain the stored root...

CVE-2025-53754 Hard-coded Credentials Vulnerability in Digisol DG-GR6821AC Router

This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials in system configuration of the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to obtain the stored root...

CVE-2025-53754 Hard-coded Credentials Vulnerability in Digisol DG-GR6821AC Router

This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials in system configuration of the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to obtain the stored root...

CVE-2025-53754

CVE-2025-53754 affects the Digisol DG-GR6821AC Router. The vulnerability arises from hard-coded root access credentials embedded in the device firmware’s system configuration. An attacker with physical access could extract the firmware, analyze the binary data, and obtain the stored root credenti...

CVE-2025-53842

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for...

ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials

Overview ZWX-2000CSW2-HN and ZWX-2000CS2-HN provided by ZEXELON CO., LTD. contain the following vulnerability. Use of Hard-coded Credentials CWE-798 - CVE-2025-53842 This vulnerability is caused by an insufficient fix for CVE-2024-39838 JVN70666401. Hiroki Sato of Institute of Science Tokyo...

CVE-2025-53842

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for...

CVE-2025-53842

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for...

CVE-2025-53842

The CVE-2025-53842 issue affects ZWX-2000CSW2-HN (firmware

CVE-2025-7564

A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...