Lucene search
K

3831 matches found

OSV
OSV
added 2024/05/15 8:15 p.m.4 views

CVE-2024-32053

Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services with the privileges of a Powerpanel business application...

9.8CVSS5.8AI score0.00474EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/15 7:36 p.m.12 views

CVE-2024-32047 CyberPower PowerPanel business Active Debug Code

Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server...

9.8CVSS6.9AI score0.00513EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/15 7:36 p.m.21 views

CVE-2024-32047 CyberPower PowerPanel business Active Debug Code

Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server...

9.8CVSS9.6AI score0.00513EPSS
Exploits0References2
CVE
CVE
added 2024/05/15 7:36 p.m.56 views

CVE-2024-32047

The CVE concerns CyberPower PowerPanel Business software where hard-coded credentials for the test server exist in production code. Affects PowerPanel business (versions up to 4.9.0 and earlier per CNNVD/ICS notes) and could allow an attacker to bypass authentication and access testing or product...

9.8CVSS6.7AI score0.00513EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/15 7:34 p.m.47 views

CVE-2024-32053

CVE-2024-32053 affects CyberPower PowerPanel Business Platform, where hard-coded credentials are used for authentication to the database, other services, and the cloud. The result is potential attacker access with PowerPanel business application privileges. Mitigation in the Connected documents: ...

9.8CVSS6.7AI score0.00474EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/15 7:34 p.m.19 views

CVE-2024-32053 CyberPower PowerPanel business Use of Hard-coded Credentials

Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services with the privileges of a Powerpanel business application...

9.8CVSS9.6AI score0.00474EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/15 7:34 p.m.13 views

CVE-2024-32053 CyberPower PowerPanel business Use of Hard-coded Credentials

Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services with the privileges of a Powerpanel business application...

9.8CVSS6.8AI score0.00474EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/05/15 12:0 a.m.19 views

SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a RabbitMQ instance. The issue results from the use...

8.6CVSS7AI score0.01073EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.3 views

Cyber Power Systems PowerPanel Business Edition 安全漏洞

Cyber Power Systems PowerPanel Business Edition is a suite of power management software from Cyber Power Systems, USA. The software automates the shutdown of physical and virtual infrastructures, and monitors and manages CyberPower UPS systems and network-connected PDUs Power Distribution Units. ...

9.8CVSS6.5AI score0.00513EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.6 views

Cyber Power Systems PowerPanel Business Edition 安全漏洞

Cyber Power Systems PowerPanel Business Edition is a suite of power management software from Cyber Power Systems, USA. The software automates the shutdown of physical and virtual infrastructures, and monitors and manages CyberPower UPS systems and network-connected PDUs Power Distribution Units. ...

9.8CVSS6.5AI score0.00474EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.2 views

FreePBX 安全漏洞

FreePBX formerly known as Asterisk Management Portal is a suite of tools from the FreePBX project for configuring Asterisk an IP telephony system via a GUI web-based graphical interface. A security vulnerability exists in FreePBX versions 1805 through 2203 that stems from the use of hard-coded...

8.6CVSS6.8AI score0.00712EPSS
Exploits0References2
ICS
ICS
added 2024/05/14 12:0 a.m.45 views

Siemens SIMATIC CN 4100

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

10CVSS9.5AI score0.00703EPSS
Exploits0References12
CVE
CVE
added 2024/05/09 12:43 p.m.43 views

CVE-2024-23473

CVE-2024-23473 affects SolarWinds Access Rights Manager (ARM). The connected documents describe a hard-coded credential authentication bypass that allows remote access to the RabbitMQ management console. The vulnerability arises from the RabbitMQ configuration using hard-coded credentials, enabli...

9.8CVSS8.5AI score0.01073EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/05/03 3:16 a.m.5 views

CVE-2023-51588

Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute...

7.8CVSS6.2AI score0.00234EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 3:16 a.m.16 views

CVE-2023-51588

Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute...

7.8CVSS7.8AI score0.00234EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:16 a.m.8 views

CVE-2023-51588

Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute...

7.8CVSS6.1AI score0.00234EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/05/03 3:15 a.m.9 views

CVE-2023-44411

D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exist...

9.8CVSS9.8AI score0.02351EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:15 a.m.5 views

CVE-2023-44411

D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exist...

9.8CVSS5.8AI score0.02351EPSS
Exploits0References2
OSV
OSV
added 2024/05/03 3:15 a.m.3 views

CVE-2023-44411

D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exist...

9.8CVSS5.9AI score0.02351EPSS
Exploits0References1
OSV
OSV
added 2024/05/03 3:15 a.m.6 views

CVE-2023-39458

Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit th...

5.3CVSS5.9AI score0.00247EPSS
Exploits0References2
Rows per page
Query Builder