CVE-2023-34284 NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability

NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

D-Link DAP-2622 安全漏洞

The D-Link DAP-2622 is a wireless access point Access Point device from D-Link, a Chinese company. A security vulnerability exists in the D-Link DAP-2622 that stems from a bypass vulnerability in authentication using hard-coded credentials...

Voltronic Power ViewPower 安全漏洞

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An elevation of privilege vulnerability exists in Voltronic Power ViewPower Pro due to hard-coded database credentials. An attacker can exploit the vulnerability to escalate privileges and execu...

D-Link D-View 安全漏洞

D-Link D-View is a web-based design network device management software from China's Terasic D-Link. A security vulnerability exists in D-Link D-View, which originates from InstallApplication's use of hard-coded credentials authentication bypass vulnerability...

CyberPower PowerPanel Business

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: CyberPower Equipment: PowerPanel business Vulnerabilities: Use of Hard-coded Password, Relative Path Traversal, Use of Hard-coded Credentials, Active Debug Code, Storing Passwords in a...

PT-2024-3240 · Cyberpower · Cyberpower Powerpanel

Name of the Vulnerable Software and Affected Versions: CyberPower PowerPanel affected versions not specified Description: The issue is related to hard-coded credentials used by the CyberPower PowerPanel platform for authentication to the database, other services, and the cloud. This could allow a...

PT-2024-3242 · Cyberpower · Cyberpower Powerpanel

Name of the Vulnerable Software and Affected Versions: CyberPower PowerPanel business application affected versions not specified Description: The issue is related to a hard-coded set of authentication credentials in the CyberPower PowerPanel business application code. This could allow an attacke...

PT-2024-3235 · Cyberpower · Cyberpower Powerpanel

Name of the Vulnerable Software and Affected Versions: CyberPower PowerPanel affected versions not specified Description: The issue is related to hard-coded credentials for the test server found in the production code, which could allow an attacker to gain access to the testing or production...

Fortinet FortiClient Hardcoded credentials in vcm2.exe (FG-IR-23-108)

The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-108 advisory. - A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7.2.0 - 7.2.1 allows an...

CVE-2024-29966

Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance...

CVE-2024-29966

Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance...

CVE-2024-29966 hard-coded credentials in the documentation that appear as the appliance root password

Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance...

CVE-2024-29966

CVE-2024-29966 affects Brocade SANnav OVA images prior to 2.3.1 and 2.3.0a where hard-coded credentials are documented as the appliance root password. This could allow an unauthenticated attacker full access to the SANnav appliance. Root cause: credentials documented in install/maintenance materi...

CVE-2024-29966 hard-coded credentials in the documentation that appear as the appliance root password

Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance...

CVE-2024-21990

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials...

CVE-2024-21990

CVE-2024-21990 concerns ONTAP Select Deploy administration utility, where hard-coded credentials in versions 9.12.1.x, 9.13.1.x and 9.14.1.x may allow an attacker to view Deploy configuration information and modify account credentials. The issue is documented across multiple sources (NetApp advis...

CVE-2023-40146

A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocke...

CVE-2023-40146

A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocke...

CVE-2023-40146

A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocke...

CVE-2023-40146

A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocke...