CVE-2022-47618 Merit Lilin Ent. Co., Ltd. AH55B04 & AH55B08 DVR - Hard-coded Credentials

Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service...

PT-2023-15439 · Meritlilin · Merit Lilin Ah55B08 +1

Name of the Vulnerable Software and Affected Versions: Merit LILIN AH55B04 & AH55B08 DVR firm affected versions not specified Description: The issue concerns hard-coded administrator credentials in the DVR firm. An unauthenticated remote attacker can use these credentials to log in to the...

CVE-2022-47618 Merit Lilin Ent. Co., Ltd. AH55B04 & AH55B08 DVR - Hard-coded Credentials

Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service...

CVE-2022-47618

CVE-2022-47618 concerns hard-coded administrator credentials in Merit LILIN AH55B04 and AH55B08 DVRs. An unauthenticated remote attacker can use these credentials to log in to the administrator page and manipulate the system or disrupt service. This entry is supported by multiple sources; however...

SolarWinds Web Help Desk <= 12.7.6 Arbitrary Code Execution

The version of SolarWinds Web Help Desk installed on the remote host is prior to or equal to 12.7.6. It is, therefore, affected by an arbitrary code execution vulnerability. Through hard coded credentials, an attacker with local access to the Web Help Desk host machine allows to execute arbitrary...

Elvexys ISOS 信任管理问题漏洞

Elvexys ISOS is an application from Elvexys, Inc. A security vulnerability exists in Elvexys ISOS versions 1.81 through 2.00, which stems from hard-coded credentials containing the embedded StreamX installer...

Critical Security Flaw Reported in Passwordstate Enterprise Password Manager

Multiple high-severity vulnerabilities have been disclosed in Passwordstate password management solution that could be exploited by an unauthenticated remote adversary to obtain a user's plaintext passwords. "Successful exploitation allows an unauthenticated attacker to exfiltrate passwords from ...

CVE-2022-4611

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2022-4611

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2022-4611

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2022-4611 Click Studios Passwordstate hard-coded credentials

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

PT-2022-27741 · Click Studios · Click Studios Passwordstate +1

Name of the Vulnerable Software and Affected Versions: Click Studios Passwordstate affected versions not specified Click Studios Passwordstate Browser Extension Chrome affected versions not specified Description: A problematic vulnerability was found in Click Studios Passwordstate and Passwordsta...

CVE-2022-4611

CVE-2022-4611 affects Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Vulnerability details in the provided documents indicate a manipulation that results in hard-coded credentials in an unspecified part of the product, with remote initiation possible and public disclosure...

EUVD-2022-51942

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (sound4server) Hardcoded Credentials

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

PT-2022-6392 · Schneider Electric · Apc Easy Ups Online Monitoring +1

Name of the Vulnerable Software and Affected Versions: APC Easy UPS Online Monitoring Software versions prior to V2.5-GA APC Easy UPS Online Monitoring Software versions prior to V2.5-GA-01-22261 Schneider Electric Easy UPS Online Monitoring Software versions prior to V2.5-GS Schneider Electric...

Schneider Electric APC Easy UPS Online

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: APC Easy UPS Online Vulnerabilities: Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Incorrect Permission Assignment for...

CVE-2022-34840

Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier,...

CVE-2022-34840

Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier,...

Hardcoded credentials

Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier,...