PiiGAB M-Bus

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PiiGAB, Processinformation i Göteborg Aktiebolag Equipment: M-Bus SoftwarePack 900S Vulnerabilities: Code Injection, Improper Restriction of Excessive Authentication Attempts, Unprotected Transport of...

PiiGAB M-Bus 900S 信任管理问题漏洞

PiiGAB M-Bus is a communication protocol used between meters and centralized data collection systems or prepaid units from PiiGAB. A vulnerability with trust management issues exists in PiiGAB M-Bus version 900S, which stems from the inclusion of hard-coded credentials for authentication...

PT-2023-25405 · Unknown · Piigab M-Bus

Name of the Vulnerable Software and Affected Versions: PiiGAB M-Bus affected versions not specified Description: The issue concerns hard-coded credentials used for authentication in PiiGAB M-Bus. No information is provided about the estimated number of potentially affected devices or real-world...

CVE-2023-34473

AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability...

CVE-2023-34473

AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability...

CVE-2023-34473 Usage of Hard-coded Credentials

AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability...

CVE-2023-34473

AMI SPx BMC contains a vulnerability (CVE-2023-34473) where a valid user can cause the use of hard-coded credentials. Consequences may include loss of confidentiality, integrity, and availability. Exploitation details are not provided in the sources; no remediation/version fix is specified in the...

CVE-2023-34473 Usage of Hard-coded Credentials

AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability...

Authentication Bypass

sphinx is vulnerable to Authentication Bypass. This vulnerability exists in the use of hard-coded credentials, which enables a local attacker to utilize the default password and bypass the login...

AMI MegaRAC 信任管理问题漏洞

AMI MegaRAC is a family of service processor products from AMI. Complete out-of-band or unlit remote management of computer systems independent of operating system state or location is available to troubleshoot computers and ensure service continuity. A security vulnerability exists in AMI MegaRA...

PT-2023-24899 · Ami · Ami Spx

Name of the Vulnerable Software and Affected Versions: AMI SPx affected versions not specified Description: The issue is related to a vulnerability in the BMC of AMI SPx, where a valid user can cause the use of hard-coded credentials. This may lead to a loss of confidentiality, integrity, and...

VulnCheck KEV: CVE-2010-1573

Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username Gemtek and password gemtekswd for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the 1 data1, 2 data2, or 3 data3 parameters to a Debugcommandpage.asp...

Exploit for Use of Hard-coded Credentials in Fortinet Fortianalyzer

Decrypt FortiManager configuration secrets CVE-2020-9289 CV...

CVE-2023-28387

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service...

CVE-2023-28387

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service...

CVE-2023-28387

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service...

CVE-2023-28387

The CVE-2023-28387 entry concerns the NewsPicks mobile apps for Android (versions 10.4.5 and earlier) and iOS (versions 10.4.2 and earlier) that hard‑code credentials, enabling a local attacker to access app data and potentially obtain an API key for an external service. Affected components are t...

CVE-2023-28387

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service...

NewsPicks 信任管理问题漏洞

NewsPicks is an economic news website from the Japanese company NewsPicks. A security vulnerability exists in NewsPicks version 10.4.5 and prior versions that stems from the application's use of hard-coded credentials...

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Use of Hard-Coded Credentials (CVE-2023-2061)

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via...