3819 matches found
PT-2025-17863 · Unknown · Uni-Nms-Lite
Name of the Vulnerable Software and Affected Versions: UNI-NMS-Lite affected versions not specified Description: The issue concerns the use of hard-coded credentials in UNI-NMS-Lite, which could allow an unauthenticated attacker to read, manipulate, and create entries in the managed database...
PT-2025-17862
Name of the Vulnerable Software and Affected Versions UNI-NMS-Lite affected versions not specified Description The issue concerns the use of hard-coded credentials in UNI-NMS-Lite, which could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices...
CVE-2025-2765
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability...
CVE-2025-2765
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability...
CVE-2025-2765 CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability...
CVE-2025-2765 CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability...
CVE-2025-2765
CVE-2025-2765 affects CarlinKit CPC200-CCPA Wireless Hotspot. The vulnerability is a hard-coded credential issue in the hotspot configuration that enables authentication bypass by network-adjacent attackers with no user interaction. Multiple sources (ZDI advisory ZDI-25-177, Red Hat, CVEs listing...
CarlinKit CPC200-CCPA 信任管理问题漏洞
The CarlinKit CPC200-CCPA is a wireless CarPlay and Android Auto adapter from CarlinKit. The CarlinKit CPC200-CCPA suffers from a trust management issue vulnerability that stems from the use of hard-coded credentials in wireless hotspots, which could lead to authentication bypass...
Exploit for Use of Hard-coded Credentials in Solarwinds Web_Help_Desk
CVE-2024-28987 Proof of Concept Exploit for CVE-2024-28987: So...
Siemens SENTRON 7KT PAC1260 Data Manager Trust Management Issue Vulnerability
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A trust management issue vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from the presence of hard-coded credentials that can be exploited by an...
Esri Portal for ArcGIS Hardcoded Credentials Vulnerability
Esri Portal for ArcGIS is a Web-based geographic information system GIS platform. A hard-coded credentials vulnerability exists in Esri Portal for ArcGIS, which can be exploited by an attacker to gain administrative access to the system...
ABB Cylon Aspect 3.08.03 - Hard-coded Secrets
ABB Cylon Aspect 3.08.03 Hard-coded Secrets Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.03 Summary: ASPECT is an award-winning scalable building energy management and control solution...
Siemens SENTRON 7KT PAC1260 Data Manager 信任管理问题漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A trust management issue vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from the presence of hard-coded credentials that can be exploited by an...
Philips IntelliSpace Portal 安全漏洞
Philips IntelliSpace Portal is an advanced medical image analysis platform from Philips Netherlands that provides multimodal image processing and automated diagnostic tools. A security vulnerability exists in Philips IntelliSpace Portal version 12 and earlier and Advanced Visualization Workspace...
Security Bulletin: Multiple Vulnerabilities in IBM Security Guardium Key Lifecycle Manager
Summary There are multiple vulnerabilities identified in IBM Security Guardium Key Lifecycle Manager. These vulnerabilties have been fixed in IBM Security Guardium Key Lifecycle Manager v4.2.0.2. Please apply the latest fix packs for the fixes. Vulnerability Details CVEID:CVE-2023-47704...
Security Bulletin: IBM Security Verify Governance is affected by multiple vulnerabilities
Summary Multiple security vulnerabilities have been addressed in the latest IBM Security Verify Governance release. Vulnerability Details CVEID:CVE-2023-33840 DESCRIPTION: IBM Security Verify Governance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...
(0Day) CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the wireless hotspot. The issue results from...
CVE-2025-2556
A vulnerability classified as problematic was found in Audi UTR Dashcam 2.0. Affected by this vulnerability is an unknown functionality of the component Video Stream Handler. The manipulation leads to hard-coded credentials. The attack can only be initiated within the local network. The exploit h...
CVE-2025-2556
A vulnerability classified as problematic was found in Audi UTR Dashcam 2.0. Affected by this vulnerability is an unknown functionality of the component Video Stream Handler. The manipulation leads to hard-coded credentials. The attack can only be initiated within the local network. The exploit h...
CVE-2025-2556 Audi UTR Dashcam Video Stream hard-coded credentials
A vulnerability classified as problematic was found in Audi UTR Dashcam 2.0. Affected by this vulnerability is an unknown functionality of the component Video Stream Handler. The manipulation leads to hard-coded credentials. The attack can only be initiated within the local network. The exploit h...