CVE-2022-42176

In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access...

PT-2022-26299 · Pctechsoft · Pcsecure

Name of the Vulnerable Software and Affected Versions: PCTechSoft PCSecure version 5.0.8.xw Description: The issue is related to the use of hard-coded credentials in configuration files, which can lead to unauthorized access to the admin panel. Recommendations: For PCTechSoft PCSecure version...

CVE-2022-42176

PCSecure V5.0.8.xw by PCTechSoft is affected by hard-coded credentials in configuration files, allowing local access to the admin panel. The linked exploit/documentation shows credentials stored in a plaintext system.bmp within the configuration, enabling a local user to log in as administrator. ...

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory* authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1554 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory authentication bypass vulnerability October 20, 2022 CVE Number CVE-2022-29477 SUMMARY An authentication bypass vulnerability exists in the web interface /action/factory...

CVE-2022-38420

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

CVE-2022-38420

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

CVE-2022-38420 Adobe ColdFusion Use of Hard-coded Credentials Application denial-of-service

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

CVE-2022-38420

CVE-2022-38420 affects Adobe ColdFusion Update 14 and earlier, and Update 4 and earlier. It is a Use of Hard-coded Credentials vulnerability that could cause application denial-of-service by granting access to start/stop arbitrary services; exploitation does not require user interaction. Widely c...

CVE-2022-38420 Adobe ColdFusion Use of Hard-coded Credentials Application denial-of-service

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

EUVD-2022-41005

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

Adobe ColdFusion trust management issue vulnerability

Adobe ColdFusion is a rapid application development platform from Adobe, which includes an integrated development environment and scripting language. The platform includes an integrated development environment and scripting language.Adobe ColdFusion has a trust management issue vulnerability that...

Adobe ColdFusion Admin Component Use of Hard-coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Adobe ColdFusion. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Admin Component service. The service uses a hard-coded password for the administrato...

Adobe ColdFusion 信任管理问题漏洞

Adobe ColdFusion is a rapid application development platform from Adobe, which includes an integrated development environment and scripting language. The platform includes an integrated development environment and scripting language.Adobe ColdFusion has a trust management issue vulnerability that...

Buffalo Trust Management Issue Vulnerability

Buffalo firmware is a network device from Buffalo, a Japanese company. Buffalo Wi-Fi devices are vulnerable to a trust management issue that stems from the use of hard-coded credentials, which can be exploited by an attacker on a neighboring network to modify the device's configuration...

Authentication Bypass

github.com/flyteorg/flyteadmin is vulnerable to authentication bypass. The vulnerability exists in config.go due to the use of hard-coded credentials without changing the default client id hashes, which allows an attacker to access for flyte propeller after turning on authentication via a...

Multiple vulnerabilities in Buffalo network devices

Overview Multiple network devices provided by Buffalo Inc. contain multiple vulnerabilities listed below. Hidden Functionality CWE-912 - CVE-2022-39044 Use of Hard-coded Credentials CWE-798 - CVE-2022-34840 Authentication Bypass CWE-288 - CVE-2022-4096 Chuya Hayakawa of 00One, Inc. reported these...

Buffalo network devices 信任管理问题漏洞

Buffalo firmware is a network device from Buffalo, a Japanese company. Buffalo Wi-Fi devices are vulnerable to a trust management issue that stems from the use of hard-coded credentials, which can be exploited by an attacker on a neighboring network to modify the device's configuration...

BD Totalys MultiProcessor 信任管理问题漏洞

The BD Totalys MultiProcessor is a medical device from Bidi Medical BD, USA. combines full automation of the cell enrichment process for cervical samples, a strict chain of custody, and customizable small samples for ancillary testing. The BD Totalys MultiProcessor suffers from a trust management...

BD Totalys MultiProcessor

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company BD Equipment: Totalys MultiProcessor Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access, modify, or...

CVE-2022-28812

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device...