CVE-2023-6255

Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App allows Read Sensitive Strings Within an Executable. This issue affects SoliPay Mobile App: before 5.0.8...

CVE-2023-6255

CVE-2023-6255 affects Utarit Information Technologies SoliPay Mobile App (pre-5.0.8). The root cause is hard-coded credentials embedded in the mobile app, enabling reading of sensitive strings within the executable. Impact, per sources, is confidentiality-related (readability of sensitive data); ...

CVE-2024-0390

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same MQTT queue is used by corresponding physical recuperation devices. Exploiting this vulnerability could potentially allow unauthorized access to manage and read parameters of the recuperation unit...

CVE-2024-0390

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same MQTT queue is used by corresponding physical recuperation devices. Exploiting this vulnerability could potentially allow unauthorized access to manage and read parameters of the recuperation unit...

CVE-2024-0390 Hard-coded credentials in iZZi connect application

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same MQTT queue is used by corresponding physical recuperation devices. Exploiting this vulnerability could potentially allow unauthorized access to manage and read parameters of the recuperation unit...

CVE-2024-0390 Hard-coded credentials in iZZi connect application

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same MQTT queue is used by corresponding physical recuperation devices. Exploiting this vulnerability could potentially allow unauthorized access to manage and read parameters of the recuperation unit...

CVE-2024-0390

CVE-2024-0390 affects INPRAX iZZi connect for Android. The vulnerability stems from hard-coded MQTT queue credentials used by the iZZi connect app and the associated recuperation devices, enabling unauthorized access to read and manage parameters of the reQnet iZZi unit. Affected versions are pri...

Utarit Information Technologies SoliPay Mobile App Trust Management Issue Vulnerability

Utarit Information Technologies SoliPay Mobile App is a mobile application from Utarit Information Technologies. A trust management issue vulnerability exists in Utarit Information Technologies SoliPay Mobile App versions prior to 5.0.8 that stems from the use of hard-coded credentials. An attack...

INPRAX iZZi Trust Management Issues Vulnerabilities

INPRAX iZZi is an application from INPRAX Corporation. A security vulnerability exists in versions prior to INPRAX iZZi 2024010401 that stems from the inclusion of hard-coded queue credentials that could allow unauthorized access to manage and read recovery unit parameters...

PT-2024-14914

Name of the Vulnerable Software and Affected Versions SoliPay Mobile App versions prior to 5.0.8 Description The issue affects the SoliPay Mobile App, allowing an attacker to read sensitive strings within an executable due to the use of hard-coded credentials. This vulnerability enables access to...

CVE-2023-6409

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to a project file protected with application password when opening the file with EcoStruxure Control Expert...

CVE-2023-6409

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to a project file protected with application password when opening the file with EcoStruxure Control Expert...

Schneider Electric Modicon M340 Trust Management Issue Vulnerability

The Schneider Electric Modicon M340 is a mid-range PLC Programmable Logic Controller for industrial processes and infrastructure from Schneider Electric France. The Schneider Electric Modicon M340 is vulnerable to a trust management issue that arises from the use of hard-coded credentials, which...

VulnCheck KEV: CVE-2021-22707

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an...

PT-2024-1723 · Schneider Electric · Ecostruxure It Gateway

Name of the Vulnerable Software and Affected Versions: Schneider Electric EcoStruxure IT Gateway affected versions not specified Description: The issue is related to the use of hard-coded credentials in the software, which could allow an attacker to escalate their privileges locally when logged i...

PT-2024-2808 · Schneider Electric · Ecostruxure Process Expert +1

Name of the Vulnerable Software and Affected Versions: EcoStruxure Control Expert affected versions not specified EcoStruxure Process Expert affected versions not specified Description: A Use of Hard-coded Credentials issue exists that could cause unauthorized access to a project file protected...

RICOH SP C250 Series Use of Hard-coded Credentials (CVE-2019-14309)

Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credential were found to be hardcoded within the printer firmware. This would allow to an attacker to access and read information stored on the shared FTP folders. This plugin only works with Tenable.ot. Please visit...

CVE-2024-22313

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 278749...

CVE-2024-22313

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 278749...

Hardcoded credentials

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 278749...