LB-LINK BL-AC3600 安全漏洞

LB-LINK BL-AC3600 is a dual-band Gigabit wireless router from China Bilink LB-LINK that supports 2.4GHz and 5GHz bands for home and small office networks. A security vulnerability exists in LB-LINK BL-AC3600 version 1.0.22, which originates from hard-coded credentials in the file /etc/shadow...

CVE-2025-5023

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units of the product measurement unit and display unit to...

Shenzhen Liandian Communication Technology V380 IP Camera 安全漏洞

Shenzhen Liandian Communication Technology V380 IP Camera is a camera from Shenzhen Liandian Communication Technology. A security vulnerability exists in the Shenzhen Liandian Communication Technology V380 IP Camera AppFHE1V1.0.6.0 version, which stems from the default enablement of Telnet servic...

Acclaim Systems USAHERDS Hard-Coded Credentials (CVE-2021-44207)

The version of Acclaim Systems USAHERDS running on the remote host may be missing a vendor supplied patch. It is possible, therefore, that it is affected by a vulnerability: it might use hard-coded credentials. Note that Nessus has not tested for this issue. %NASLMINLEVEL 80900 C Tenable, Inc...

CVE-2025-37103

Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing anyone with knowledge of it to bypass normal device authentication. Successful exploitation could allow a remote attacker to gain administrative access to the system...

CVE-2025-5023

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units of the product measurement unit and display unit to...

CVE-2025-5023

The CVE-2025-5023 entry affects Mitsubishi Electric EcoGuideTAB PV-DR004J and PV-DR004JA, all versions, with a root cause related to hard-coded credentials. An attacker in Wi‑Fi range between the measurement unit and display unit can disclose generated power data and grid-revenue information, tam...

CVE-2025-5023

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units of the product measurement unit and display unit to...

Mitsubishi Electric PV-DR004J 信任管理问题漏洞

The Mitsubishi Electric PV-DR004J is a solar power generator from Mitsubishi Electric Japan. The Mitsubishi Electric PV-DR004J suffers from a trust management issue vulnerability that stems from the use of hard-coded credentials, which could lead to information disclosure or denial of service...

PT-2025-29074 · Mitsubishi · Ecoguidetab Pv-Dr004J +1

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Corporation EcoGuideTAB PV-DR004J all versions Mitsubishi Electric Corporation EcoGuideTAB PV-DR004JA all versions Description: A hard-coded credentials issue exists in Mitsubishi Electric Corporation’s EcoGuideTAB...

Adobe ColdFusion < 2021.x < 2021u21 / 2023.x < 2023u15 / 2025.x < 2025u3 Multiple Vulnerabilities (APSB25-69)

The version of Adobe ColdFusion installed on the remote Windows host is prior to 2021.x update 21, 2023.x update 15, or 2025.x update 3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-69 advisory. - ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are...

Vulnerabilities fixed in Adobe ColdFusion

Adobe has fixed vulnerabilities in ColdFusion Specifically for versions 25.2, 23.14, 21.20 and earlier. The vulnerabilities in ColdFusion include a significant vulnerability related to improper restriction of XML External Entity Reference XXE, hard-coded credentials, improper authorization, XML...

CVE-2025-3920

A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond to a built-in administrative account of the software. An attacker with local access to the system or the application's installation directory could extra...

CVE-2025-52492

A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The firmware file, rootfs.tar.gz, contains hard-coded credentials for the Twilio API. A remote attacker who obtains a copy of the firmware can extract these credentials. This could allow the attacker to gain...

CVE-2025-49551

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized access to sensitive systems or data. Exploitation of this issue does...

CVE-2025-49551

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized access to sensitive systems or data. Exploitation of this issue does...

CVE-2025-49551 ColdFusion | Use of Hard-coded Credentials (CWE-798)

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized access to sensitive systems or data. Exploitation of this issue does...

CVE-2025-49551 ColdFusion | Use of Hard-coded Credentials (CWE-798)

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized access to sensitive systems or data. Exploitation of this issue does...

CVE-2025-37103

Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing anyone with knowledge of it to bypass normal device authentication. Successful exploitation could allow a remote attacker to gain administrative access to the system...

CVE-2025-37103

CVE-2025-37103 affects HPE Networking Instant On Access Points. The description across sources confirms hard-coded login credentials allow bypass of normal device authentication, enabling a remote attacker to gain administrative access. Affected products include HPE Networking Instant On Access P...