Infoblox NETMRI 安全漏洞

Infoblox NETMRI is a network management product from US-based Infoblox, Inc. can automate, provide visibility and continuous insight to help organizations intelligently manage their multi-vendor networks. A security vulnerability exists in Infoblox NETMRI versions prior to 7.6.1 that stems from...

CVE-2005-2026

Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 has a hard-coded account and password for debugging, which allows remote attackers to gain privileges...

CVE-2009-3710

RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username dbadmin and password sq!us3r for an SSH tunnel, which allows remote attackers to gain privileges via port 8022...

CVE-2025-48414

There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functionality and are likely intended for debugging during development and provides an additional attack surface...

CVE-2025-48414 Hard-coded web interface credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations

There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functionality and are likely intended for debugging during development and provides an additional attack surface...

CVE-2025-48414 Hard-coded web interface credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations

There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functionality and are likely intended for debugging during development and provides an additional attack surface...

CVE-2025-48414

CVE-2025-48414 affects eCharge Hardy Barth cPH2 / cPP2 charging stations. Connected sources describe hard-coded credentials in the web interface scripts, granting access to admin/debug functionality and increasing attack surface. Public details confirm the issue but do not provide a confirmed pat...

CVE-2025-48413

CVE-2025-48413 affects the eCharge Hardy Barth cPH2 and cPP2 charging stations. The root cause is hard-coded password hashes stored in the system files /etc/passwd and /etc/shadow that are shipped with update files. This allows an attacker to log into the device, potentially via an SSH backdoor o...

CVE-2025-48413 Hard-coded OS root credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations

The /etc/passwd and /etc/shadow files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device...

CVE-2025-48413 Hard-coded OS root credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations

The /etc/passwd and /etc/shadow files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device...

eCharge Hardy Barth cPH2和eCharge Hardy Barth cPP2 信任管理问题漏洞

The eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 are both an electric vehicle charging station from eCharge. A trust management issue vulnerability exists in eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2, which stems from the use of hard-coded credentials in the web interface...

PT-2025-22343 · Echarge Hardy Barth · Cph2 / Cpp2 Charging Stations

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns several scripts in the web interface that are accessible via undocumented hard-coded credentials. These scripts provide access to additional administrative and debug...

CVE-2025-27488

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally...

CVE-2025-27488

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally...

CVE-2025-27488

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally...

CVE-2025-27488

CVE-2025-27488 affects Microsoft Windows Hardware Lab Kit (HLK). The vulnerability arises from use of hard-coded credentials in HLK, enabling an authorized attacker to elevate privileges locally. The CVE is tracked in multiple feeds (NVD, MSRC) with a CVSSv3 base score of 6.7 (Medium) and a local...

Microsoft Windows Hardware Lab Kit (HLK) Elevation of Privilege Vulnerability

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally...

PT-2025-20943 · Microsoft · Windows Hardware Lab Kit

Name of the Vulnerable Software and Affected Versions: Windows Hardware Lab Kit affected versions not specified Description: The issue concerns the use of hard-coded credentials in the software, which allows an authorized attacker to elevate privileges locally. There is no information provided...

CVE-2025-4041 Use of Hard-coded Credentials Optigo Networks ONS NC600

In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions...

CVE-2025-4041 Use of Hard-coded Credentials Optigo Networks ONS NC600

In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions...