TP-LINK Archer C50 安全漏洞

TP-LINK Archer C50 is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK Archer C50 V3 180703 and earlier, V4 250117 and earlier, and V5 200407 and earlier, which stems from hard-coded credentials and could lead to configuration file decryption...

JVN#44419726: ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials

ZWX-2000CSW2-HN and ZWX-2000CS2-HN provided by ZEXELON CO., LTD. contain the following vulnerability. Use of Hard-coded Credentials CWE-798 CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 6.8 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Base Score 4.5 CVE-2025-53842 Thi...

Digisol DG-GR6821AC Router 信任管理问题漏洞

Digisol DG-GR6821AC Router is a WiFi router from Digisol India. The Digisol DG-GR6821AC Router suffers from a trust management issue vulnerability that stems from hard-coded root access credentials in the firmware, which could allow a physical access attacker to gain administrator privileges...

ZEXELON ZWX-2000CSW2-HN和ZEXELON ZWX-2000CS2-HN 信任管理问题漏洞

The ZEXELON ZWX-2000CSW2-HN and the ZEXELON ZWX-2000CS2-HN are both a high-speed coaxial cable modem from ZEXELON Japan. A trust management issue vulnerability exists in the ZEXELON ZWX-2000CSW2-HN prior to version 0.3.19 and the ZEXELON ZWX-2000CS2-HN, which stems from hard-coded credentials and...

PT-2025-29772 · Digisol · Digisol Dg-Gr6821Ac Router

Name of the Vulnerable Software and Affected Versions: Digisol DG-GR6821AC Router affected versions not specified Description: The Digisol DG-GR6821AC Router is susceptible to a security issue due to hard-coded Root Access Credentials within the device firmware’s system configuration. An attacker...

PT-2025-29691 · Unknown · Zwx-2000Csw2-Hn

Name of the Vulnerable Software and Affected Versions: ZWX-2000CSW2-HN versions prior to 0.3.19 ZWX-2000CS2-HN affected versions not specified Description: A use of hard-coded credentials issue exists. Exploitation of this issue may allow an attacker to tamper with device settings by obtaining th...

PT-2025-29877

Name of the Vulnerable Software and Affected Versions: TP-Link Archer C50 versions = 180703 TP-Link Archer C50 versions = 250117 TP-Link Archer C50 versions = 200407 Description: The use of hard-coded credentials allows attackers to decrypt config.xml files. Recommendations: TP-Link Archer C50...

CVE-2025-3621

Vulnerabilities in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems. vulnerabilities: Improper Neutralization of Special Elements used in a Command 'Command Injection' Use of Hard-coded Credentials Improper Authentication Binding to an...

CVE-2025-3621

CVE-2025-3621 affects ProTNS ActADUR local server. Multiple vulnerabilities in ActADUR (v2.0.1.9 and earlier) enable remote code execution via remote command injection, with issues including hard-coded credentials, improper authentication, and binding to an unrestricted IP. Exploitation vectors a...

CVE-2025-3621 Remote Code Execution in ProTNS ActADUR

Vulnerabilities in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems. vulnerabilities: Improper Neutralization of Special Elements used in a Command 'Command Injection' Use of Hard-coded Credentials Improper Authentication Binding to an...

CVE-2025-3621 Remote Code Execution in ProTNS ActADUR

Vulnerabilities in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems. vulnerabilities: Improper Neutralization of Special Elements used in a Command 'Command Injection' Use of Hard-coded Credentials Improper Authentication Binding to an...

ProTNS ActADUR 安全漏洞

ProTNS ActADUR is a local server product from ProTNS Korea. A security vulnerability exists in ProTNS ActADUR versions prior to 2.0.1.9 through 2.0.2.0 that stems from command injection, hard-coded credentials, improper authentication, and binding to an unrestricted IP address, which could lead t...

Adobe ColdFusion Trust Management Issues Vulnerability

Adobe ColdFusion is a dynamic Web server platform maintained by Adobe. Adobe ColdFusion suffers from a trust management issue vulnerability that stems from the use of hard-coded credentials, which can be exploited by an attacker to cause elevation of privilege...

CVE-2025-52376

An authentication bypass vulnerability in the /web/umopentelnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below, allowing an attacker to remotely enable the Telnet service without authentication, bypassing security controls. The Telnet server is then accessible wi...

PT-2025-29540 · Protns · Actadur

Name of the Vulnerable Software and Affected Versions: ActADUR versions 2.0.1.9 through 2.0.1.9 Description: The ActADUR local server product, developed and maintained by ProTNS, allows for Remote Code Inclusion on host systems. The vulnerability has been rated as critical and includes issues suc...

CVE-2025-7564

A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...

CVE-2025-7564

A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...

CVE-2025-7564 LB-LINK BL-AC3600 shadow hard-coded credentials

A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...

CVE-2025-7564 LB-LINK BL-AC3600 shadow hard-coded credentials

A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...

CVE-2025-7564

CVE-2025-7564 affects LB-LINK BL-AC3600 (firmware 1.0.22). The issue is a local-access vulnerability impacting an unknown function in /etc/shadow, where input manipulation of root:blinkadmin leads to hard-coded credentials exposure. Exploitation is locally feasible with the vulnerability describe...