CVE-2025-5379 NuCom NC-WR744G Console Application hard-coded credentials

A vulnerability classified as critical was found in NuCom NC-WR744G 8.5.5 Build 20200530.307. This vulnerability affects unknown code of the component Console Application. The manipulation of the argument CMCCAdmin/useradmin/CUAdmin leads to hard-coded credentials. The attack can be initiated...

CVE-2025-5379

CVE-2025-5379 affects NuCom NC-WR744G, version 8.5.5 Build 20200530.307, specifically the Console Application where the CMCCAdmin/useradmin/CUAdmin argument is manipulated, leading to hard-coded credentials. This vulnerability can be exploited remotely; multiple sources confirm the issue but do n...

NuCom NC-WR744G 安全漏洞

NuCom NC-WR744G is a wireless router from NuCom. A security vulnerability exists in NuCom NC-WR744G version 8.5.5 Build 20200530.307, which originates from the presence of hard-coded credentials in parameter CMCCAdmin/useradmin/CUAdmin...

PT-2025-23404 · Nucom · Nucom Nc-Wr744G

Name of the Vulnerable Software and Affected Versions: NuCom NC-WR744G version 8.5.5 Build 20200530.307 Description: A critical vulnerability was found in the Console Application component of the affected software. The issue involves the manipulation of the CMCCAdmin/useradmin/CUAdmin argument,...

CVE-2025-46352 Consilium Safety CS5000 Fire Panel Use of Hard-coded Credentials

The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and is visible as a string in the binary responsible for running VNC. This password cannot be altered, allowing anyone with knowledge of it to gain remote access to the panel. Such access could enable an...

CVE-2025-46352

CVE-2025-46352 affects the Consilium Safety CS5000 Fire Panel. The vulnerability stems from a hard-coded password used by a VNC server bundled with the panel, exposed as a string in the binary and not alterable by users. With network access, an attacker can remotely log in and operate the panel, ...

CVE-2025-36572

Dell PowerStore, versions 4.0.0.0, contains an Use of Hard-coded Credentials vulnerability in the PowerStore image file. A low privileged attacker with remote access, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to gain unauthorized access based o...

CVE-2025-36572

Dell PowerStore, versions 4.0.0.0, contains an Use of Hard-coded Credentials vulnerability in the PowerStore image file. A low privileged attacker with remote access, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to gain unauthorized access based o...

CVE-2025-36572

Dell PowerStore, versions 4.0.0.0, contains an Use of Hard-coded Credentials vulnerability in the PowerStore image file. A low privileged attacker with remote access, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to gain unauthorized access based o...

CVE-2025-36572

The CVE-2025-36572 entry concerns Dell PowerStore 4.0.0.0 with a Use of Hard-coded Credentials in the PowerStore image file. The underlying issue is hard-coded credentials enabling a low-privileged, remote attacker to gain unauthorized access consistent with the credentials’ privileges. Affects D...

PT-2025-23097 · Dell · Dell Powerstore

Name of the Vulnerable Software and Affected Versions: Dell PowerStore version 4.0.0.0 Description: The issue concerns the use of hard-coded credentials in the PowerStore image file. A low-privileged attacker with remote access and knowledge of these credentials could exploit this to gain...

Dell PowerStore 信任管理问题漏洞

Dell PowerStore is a scalable all-flash array storage from Dell USA. A trust management issue vulnerability exists in Dell PowerStore version 4.0.0.0, which stems from the use of hard-coded credentials and can be exploited by an attacker to cause unauthorized access...

CVE-2025-48414

There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functionality and are likely intended for debugging during development and provides an additional attack surface...

CVE-2024-5764

Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database SMTP or HTTP proxy credentials, user tokens, tokens, among others. The affected versions relied on ...

CVE-2024-6656

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable. This issue affects Cockpit Software: before v2.13...

CVE-2024-8135

A vulnerability classified as critical has been found in Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310. Affected is the function Sign of the file pkg/token/token.go. The manipulation of the argument config.key leads to hard-coded credentials. Continious delivery with rolling...

CVE-2024-35118

IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device...

CVE-2024-21990

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials...

CVE-2024-3130

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CVE-2024-23453

Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...