Multiple vulnerabilities in Sharp and Toshiba Tec MFPs

Overview Sharp and Toshiba Tec MFPs multifunction printers contain multiple vulnerabilities listed below. Stack-based Buffer Overflow CWE-121 - CVE-2024-28038 Incorrect Permission Assignment for Critical Resource CWE-732 - CVE-2024-28955 Cleartext Storage of Sensitive Information CWE-312 -...

Aptos Wisal payroll 安全漏洞

Aptos Wisal payroll is an enterprise resource planning ERP solution from Aptos Luxembourg focused on the retail industry. A security vulnerability exists in Aptos Wisal payroll versions prior to 7.1.6 that stems from the use of hard-coded credentials. An attacker exploited the vulnerability to...

WordPress plugin Atarim 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Exploit for Use of Hard-coded Credentials in Dlink Dns-320L_Firmware

Dinkleberry 🫐 Are you one of the 92,000+ people1 stuck with a...

Trellix ePolicy Orchestrator 信任管理问题漏洞

Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A trust management issue vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 that stems from the use of hard-coded credentials that allow an attacker with administrator privileges to...

CVE-2024-34025

CyberPower PowerPanel business application code contains a hard-coded set of authentication credentials. This could result in an attacker bypassing authentication and gaining administrator privileges...

CVE-2024-32047

Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server...

CVE-2024-32047

Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server...

CVE-2024-32053

Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services with the privileges of a Powerpanel business application...

CVE-2024-32053

Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services with the privileges of a Powerpanel business application...

CVE-2024-32047

The CVE concerns CyberPower PowerPanel Business software where hard-coded credentials for the test server exist in production code. Affects PowerPanel business (versions up to 4.9.0 and earlier per CNNVD/ICS notes) and could allow an attacker to bypass authentication and access testing or product...

CVE-2024-32047 CyberPower PowerPanel business Active Debug Code

Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server...

CVE-2024-32047 CyberPower PowerPanel business Active Debug Code

Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server...

CVE-2024-32053 CyberPower PowerPanel business Use of Hard-coded Credentials

Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services with the privileges of a Powerpanel business application...

CVE-2024-32053 CyberPower PowerPanel business Use of Hard-coded Credentials

Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services with the privileges of a Powerpanel business application...

CVE-2024-32053

CVE-2024-32053 affects CyberPower PowerPanel Business Platform, where hard-coded credentials are used for authentication to the database, other services, and the cloud. The result is potential attacker access with PowerPanel business application privileges. Mitigation in the Connected documents: ...

Cyber Power Systems PowerPanel Business Edition 安全漏洞

Cyber Power Systems PowerPanel Business Edition is a suite of power management software from Cyber Power Systems, USA. The software automates the shutdown of physical and virtual infrastructures, and monitors and manages CyberPower UPS systems and network-connected PDUs Power Distribution Units. ...

Cyber Power Systems PowerPanel Business Edition 安全漏洞

Cyber Power Systems PowerPanel Business Edition is a suite of power management software from Cyber Power Systems, USA. The software automates the shutdown of physical and virtual infrastructures, and monitors and manages CyberPower UPS systems and network-connected PDUs Power Distribution Units. ...

SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a RabbitMQ instance. The issue results from the use...

Siemens SIMATIC CN 4100

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...