PT-2024-38749 · Unknown · Demozx Gf Cms

Name of the Vulnerable Software and Affected Versions: demozx gf cms versions 1.0 through 1.0.1 Description: A critical issue has been found in the JWT Authentication component, specifically affecting the init function of the file internal/logic/auth/auth.go. This allows for the manipulation of...

Voltronic Power ViewPower Elevation of Privilege Vulnerability

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An elevation of privilege vulnerability exists in Voltronic Power ViewPower Pro due to hard-coded database credentials. An attacker can exploit the vulnerability to escalate privileges and execu...

CVE-2024-41161

Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be...

CVE-2024-41161

Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be...

CVE-2024-41161 Vonets WiFi Bridges Use of Hard-coded Credentials

Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be...

CVE-2024-41161

CVE-2024-41161 — Vonets Industrial WiFi Bridge Relays/Repeaters Affected products: Vonets VAR1200-H/L, VAR600-H, VAP11AC/11G-500S/11S, VBG1200, VAR11N-300, VAP11G-300/500, VGA-1000, and related models with software versions 3.3.23.6.9 and prior. Root cause: Use of hard-coded administrator credent...

CVE-2024-41161 Vonets WiFi Bridges Use of Hard-coded Credentials

Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be...

CVE-2024-39838

ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may allow a network-adjacent attacker with an administrative privilege to alter the configuration of the device...

Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN

Overview ZWX-2000CSW2-HN provided by ZEXELON CO., LTD. is a high-speed coaxial modem with wireless LAN functions. ZWX-2000CSW2-HN contains multiple vulnerabilities listed below. Use of hard-coded credentials CWE-798 - CVE-2024-39838 Incorrect permission assignment for critical resource CWE-732 -...

CVE-2024-39838

ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may allow a network-adjacent attacker with an administrative privilege to alter the configuration of the device...

CVE-2024-39838

ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may allow a network-adjacent attacker with an administrative privilege to alter the configuration of the device...

JVN#70666401: Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN

ZWX-2000CSW2-HN provided by ZEXELON CO., LTD. is a high-speed coaxial modem with wireless LAN functions. ZWX-2000CSW2-HN contains multiple vulnerabilities listed below. Use of hard-coded credentials CWE-798 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Base Score 4.5 CVE-2024-39838 Incorrect...

Zexeron ZWX-2000CSW2-HN 安全漏洞

The Zexeron ZWX-2000CSW2-HN is a high-speed coaxial modem from Zexeron Corporation of Japan. A security vulnerability exists in the Zexeron ZWX-2000CSW2-HN prior to version 0.3.15, which originates from the use of hard-coded credentials that could allow a network-adjacent attacker with...

PT-2024-28693 · Unknown · Zwx-2000Csw2-Hn

Name of the Vulnerable Software and Affected Versions: ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 Description: The issue concerns the use of hard-coded credentials in the firmware, which may allow a network-adjacent attacker with administrative privilege to alter the device's...

Horizon Business Services Caterease 安全漏洞

Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from hard-coded SQL user credentials ...

Vonets WiFi Bridges

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Vonets Equipment : VAR1200-H, VAR1200-L, VAR600-H, VAP11AC, VAP11G-500S, VBG1200, VAP11S-5G, VAP11S, VAR11N-300, VAP11G-300, VAP11N-300, VAP11G, VAP11G-500, VBG1200, VAP11AC, VGA-1000...

PT-2024-5761 · Vonets · Vonets Industrial Wifi Bridge Relays +1

Name of the Vulnerable Software and Affected Versions: Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters versions 3.3.23.6.9 and prior Description: The issue exists due to the presence of hard-coded credentials in the application code. This allows a remote attacker to bypass...

Panasonic WV-S2231L Camera Use of Hard-coded Credentials (CVE-2020-29193)

Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa which is just the asdf keyboard row in reverse order. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CVE-2024-41689 Hard-coded Credentials Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WP...

PT-2024-37952 · Perkinelmer +1 · Perkinelmer Processplus +1

Name of the Vulnerable Software and Affected Versions: PerkinElmer ProcessPlus versions through 1.11.6507.0 Description: The issue is related to the use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows, allowing an attacker to login and potentially remove data on all prone...