CVE-2022-22522

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device...

CVE-2022-22522

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device...

CVE-2022-28812

CVE-2022-28812 involves Carlo Gavazzi UWP3.0 (multiple versions) and CPY Car Park Server 2.8.3, where a remote, unauthenticated attacker can exploit hard-coded credentials to obtain SuperUser access. The CVE is supported by multiple sources in the connected set (Red Hat, NVD/NVD-derived entries, ...

CVE-2022-28812 Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server.

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device...

CVE-2022-22522

CVE-2022-22522 affects Carlo Gavazzi UWP3.0 and CPY Car Park Server 2.8.3, where a remote, unauthenticated attacker could exploit hard-coded credentials to gain full access to the device. The vulnerability is described as trust/credential management issues enabling authentication bypass and full ...

CVE-2022-22522 Hard-coded credentials in Carlo Gavazzi UWP3.0 allows for authentication bypass and full control of the device

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device...

CVE-2022-22522 Hard-coded credentials in Carlo Gavazzi UWP3.0 allows for authentication bypass and full control of the device

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device...

Carlo Gavazzi UWP 信任管理问题漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management and parking lot guidance. A trust management issue vulnerability exists in Carlo Gavazzi UWP 3.0, which can be exploited ...

Carlo Gavazzi UWP 信任管理问题漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. It is used for applications such as building automation, energy efficiency performance management and parking lot guidance. A vulnerability with trust management issues exists in Carlo Gavazzi UWP version 3.0...

PT-2022-19252 · Carlo Gavazzi · Carlo Gavazzi Uwp3.0

Name of the Vulnerable Software and Affected Versions: Carlo Gavazzi UWP3.0 affected versions not specified CPY Car Park Server version 2.8.3 Description: A remote, unauthenticated attacker could use hard-coded credentials to gain SuperUser access to the device. This issue affects multiple versio...

PT-2022-15492 · Carlo Gavazzi · Carlo Gavazzi Uwp3.0

Name of the Vulnerable Software and Affected Versions: Carlo Gavazzi UWP3.0 affected versions not specified CPY Car Park Server version 2.8.3 Description: A remote, unauthenticated attacker could use hard-coded credentials to gain full access to the device. This issue affects Carlo Gavazzi UWP3.0...

CVE-2022-3214

Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...

CVE-2022-3214

Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...

CVE-2022-3214

Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...

Hardcoded credentials

Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...

CVE-2022-3214 Delta Electronics DIAEnergy Use of Hard-coded Credentials

Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...

CVE-2022-3214

CVE-2022-3214 affects Delta Electronics DIAEnergie. Vulnerable in DIAEnergie before version 1.9.03.009 due to CWE-798 hard-coded credentials; an unauthenticated attacker could upload executables via a hard-coded bearer authorization, enabling remote code execution. CVSS v3.1 base score 9.8 (Netwo...

PT-2022-6643 · Unknown · Diaenergie

Name of the Vulnerable Software and Affected Versions: DIAEnergie versions prior to 1.9.03.009 Description: The issue is related to the use of hard-coded credentials in the DIAEnergie industrial energy management system. This allows a remote attacker to execute arbitrary code by uploading...

Exploit for Use of Hard-coded Credentials in Automationanywhere Automation_360

CVE-2022-29856-PoC Minimal...

CVE-2022-38394

Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...