3819 matches found
CVE-2024-8162
A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/webcste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded credentials. It is possible to launch the attack...
CVE-2024-8162 TOTOLINK T10 AC1200 Telnet Service product.ini hard-coded credentials
A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/webcste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded credentials. It is possible to launch the attack...
CVE-2024-8162 TOTOLINK T10 AC1200 Telnet Service product.ini hard-coded credentials
A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/webcste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded credentials. It is possible to launch the attack...
CVE-2024-8162
Totolink T10 AC1200 firmware 4.1.8cu.5207 contains a Telnet Service flaw in the /squashfs-root/web_cste/cgi-bin/product.ini file where hard-coded credentials are stored. This allows remote attackers to gain unauthorized access; the issue is publicly disclosed and can be exploited without user int...
TOTOLINK AC1200 信任管理问题漏洞
TOTOLINK AC1200 is a dual-band Wi-Fi router from China's Gion Electronics TOTOLINK. The TOTOLINK AC1200 version 4.1.8cu.5207 suffers from a trust management issue vulnerability that originates from an unknown function in the Telnet service component with hard-coded credentials in the file...
PT-2024-6512 · Totolink · Totolink T10 Ac1200
Name of the Vulnerable Software and Affected Versions: TOTOLINK T10 AC1200 version 4.1.8cu.5207 Description: The issue is related to the use of hard-coded credentials in the file /squashfs-root/web cste/cgi-bin/product.ini of the Telnet Service component. This allows a remote attacker to gain...
CVE-2024-8135
A vulnerability classified as critical has been found in Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310. Affected is the function Sign of the file pkg/token/token.go. The manipulation of the argument config.key leads to hard-coded credentials. Continious delivery with rolling...
CVE-2024-8135
A vulnerability classified as critical has been found in Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310. Affected is the function Sign of the file pkg/token/token.go. The manipulation of the argument config.key leads to hard-coded credentials. Continious delivery with rolling...
CVE-2024-8135 Go-Tribe gotribe token.go Sign hard-coded credentials
A vulnerability classified as critical has been found in Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310. Affected is the function Sign of the file pkg/token/token.go. The manipulation of the argument config.key leads to hard-coded credentials. Continious delivery with rolling...
CVE-2024-8135 Go-Tribe gotribe token.go Sign hard-coded credentials
A vulnerability classified as critical has been found in Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310. Affected is the function Sign of the file pkg/token/token.go. The manipulation of the argument config.key leads to hard-coded credentials. Continious delivery with rolling...
CVE-2024-8135
Summary: CVE-2024-8135 affects Go-Tribe gotribe (up to commit cd3ccd32...) with a vulnerability in the Sign function of pkg/token/token.go. The issue arises from manipulation of the config.key argument, which leads to hard-coded credentials. Reported in multiple feeds, the product uses continuous...
PT-2024-38824 · Go Tribe · Go-Tribe
Name of the Vulnerable Software and Affected Versions: Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310 Description: A critical vulnerability has been found in Go-Tribe gotribe. The issue affects the function Sign of the file pkg/token/token.go. The manipulation of the argument...
gotribe 信任管理问题漏洞
gotribe is gotribe open source a small cms solution for Go + Vue development. A trust management issue vulnerability exists in gotribe, which stems from the fact that manipulation of the parameter config.key results in hard-coded credentials...
PT-2024-5815
Name of the Vulnerable Software and Affected Versions SolarWinds Web Help Desk versions prior to 12.8.3 Hotfix 2 Description The SolarWinds Web Help Desk software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated users to access internal functionality and modify...
SolarWinds Web Help Desk 信任管理问题漏洞
SolarWinds Web Help Desk is a suite of help desk and asset management software from SolarWinds USA. The software supports centralized knowledge base, IT asset management, project and task management, and other features. A trust management issue vulnerability exists in SolarWinds Web Help Desk tha...
CVE-2024-8005
A vulnerability was found in demozx gfcms 1.0/1.0.1. It has been classified as critical. This affects the function init of the file internal/logic/auth/auth.go of the component JWT Authentication. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. Th...
CVE-2024-8005
A vulnerability was found in demozx gfcms 1.0/1.0.1. It has been classified as critical. This affects the function init of the file internal/logic/auth/auth.go of the component JWT Authentication. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. Th...
CVE-2024-8005 demozx gf_cms JWT Authentication auth.go init hard-coded credentials
A vulnerability was found in demozx gfcms 1.0/1.0.1. It has been classified as critical. This affects the function init of the file internal/logic/auth/auth.go of the component JWT Authentication. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. Th...
CVE-2024-8005
Summary of CVE-2024-8005 (demozx gf_cms) : A vulnerability in demozx gf_cms versions 1.0 and 1.0.1 affects the JWT Authentication component, specifically the init function in internal/logic/auth/auth.go. The issue allows manipulation of hard-coded credentials, enabling remote exploitation. The se...
gf_cms 信任管理问题漏洞
gfcms is a GoFrameV2 based web content management system by demozx individual developer. A trust management issue vulnerability exists in gfcms version 1.0 and 1.0.1, which stems from an issue with the use of hard-coded credentials in the internal/logic/auth/auth.go page of the JWT Authentication...