3819 matches found
CVE-2023-51638
CVE-2023-51638 describes an authentication bypass in Allegra caused by a hard-coded password configured in the database. Multiple connected sources confirm: (1) the flaw is a hard-coded credential in the configuration of the database, enabling remote authentication bypass without user interaction...
CVE-2023-51638 Allegra Hard-coded Credentials Authentication Bypass Vulnerability
Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a...
PT-2024-17145 · E Lins · E-Lins H720 +6
Name of the Vulnerable Software and Affected Versions: E-Lins H685 versions up to 3.2 E-Lins H685f versions up to 3.2 E-Lins H700 versions up to 3.2 E-Lins H720 versions up to 3.2 E-Lins H750 versions up to 3.2 E-Lins H820 versions up to 3.2 E-Lins H820Q versions up to 3.2 E-Lins H820Q0 versions ...
E-Lins多款产品 安全漏洞
E-Lins H685 and others are a cellular router from E-Lins. A security vulnerability exists in various E-Lins products that stems from allowing the use of hard-coded credentials. The following products are affected: the E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0, and H900...
CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption
In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...
CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption
In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...
Tenda G3 Hardcoded Credentials Vulnerability
Tenda G3 is a QosVpn router from Tenda China. The Tenda G3 suffers from a hard-coded credential vulnerability that can be exploited by an attacker to log in as root and obtain sensitive information...
LB-LINK BL-WR 1300H 安全漏洞
The LB-LINK BL-WR 1300H is a wireless dual-band gigabit router from China Bilink LB-LINK. A security vulnerability exists in the LB-LINK BL-WR 1300H version v.1.0.4, which stems from the use of hard-coded credentials in /etc/shadow...
CVE-2024-31151
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be...
CVE-2024-31151
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be...
CVE-2024-28875
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be...
CVE-2024-28875
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be...
CVE-2024-31151
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be...
CVE-2024-31151
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be...
CVE-2024-28875
CVE-2024-28875 affects LevelOne WBR-6012. Talos confirms a hard-coded admin backdoor password and an undocumented user account, allowing admin-level access within the first 30 seconds after boot via the device’s web services. The hard-coded password is “@m!t2K1” and a reboot sequence may bypass t...
CVE-2024-28875
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be...
LevelOne WBR-6012 信任管理问题漏洞
The LevelOne WBR-6012 is a wireless router from LevelOne. A trust management issue vulnerability exists in the LevelOne WBR-6012, which stems from an issue with the use of hard-coded credentials in web services...
LevelOne WBR-6012 信任管理问题漏洞
The LevelOne WBR-6012 is a wireless router from LevelOne. A trust management issue vulnerability exists in the LevelOne WBR-6012, which stems from an issue with the use of hard-coded credentials in web services...
PT-2024-22620 · Levelone · Levelone Wbr-6012
Name of the Vulnerable Software and Affected Versions: LevelOne WBR-6012 affected versions not specified Description: A security issue exists due to hard-coded credentials in the web services of the affected device. This allows attackers to gain unauthorized access within the first 30 seconds aft...
PT-2024-23796 · Levelone · Levelone Wbr-6012
Name of the Vulnerable Software and Affected Versions: LevelOne WBR-6012 affected versions not specified Description: A security issue exists due to hard-coded credentials in the web services of the affected device. This allows attackers to gain unauthorized access within the first 30 seconds aft...