CVE-2021-33014

CVE-2021-33014 describes a hard-coded credentials issue in KUKA KR C4 and KSS, allowing an attacker to gain VxWorks Shell after login on versions prior to 8.7 (KR C4) or any product running KSS. Technical details in connected documents confirm the root cause (hard-coded credentials) and the impac...

CVE-2021-33014 KUKA KR C4 - Use of Hard-Coded Credentials

An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

CVE-2021-33014 KUKA KR C4 - Use of Hard-Coded Credentials

An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

CVE-2021-33016 KUKA KR C4 - Use of Hard-Coded Credentials

An attacker can gain full access read/write/delete to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

CVE-2021-33016 KUKA KR C4 - Use of Hard-Coded Credentials

An attacker can gain full access read/write/delete to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

CVE-2021-33016

Summary of CVE-2021-33016 : The vulnerability affects KUKA KR C4 control software (and products running KSS) for versions prior to 8.7. It stems from hard-coded credentials that allow an attacker to gain full access (read/write/delete) to sensitive folders. Public documentation from NVD/Red Hat/N...

CVE-2013-10002

A vulnerability was found in Telecommunication Software SAMwin Contact Center Suite 5.1. It has been rated as critical. Affected by this issue is the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the credential handler. Authentication is possible with hard-coded credentials...

CVE-2013-10002 Telecommunication Software SAMwin Contact Center Suite Credential SAMwinLIBVB.dll getCurrentDBVersion hard-coded credentials

A vulnerability was found in Telecommunication Software SAMwin Contact Center Suite 5.1. It has been rated as critical. Affected by this issue is the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the credential handler. Authentication is possible with hard-coded credentials...

CVE-2013-10002 Telecommunication Software SAMwin Contact Center Suite Credential SAMwinLIBVB.dll getCurrentDBVersion hard-coded credentials

A vulnerability was found in Telecommunication Software SAMwin Contact Center Suite 5.1. It has been rated as critical. Affected by this issue is the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the credential handler. Authentication is possible with hard-coded credentials...

CVE-2013-10002

The CVE affects Telecommunication Software SAMwin Contact Center Suite 5.1. The root cause is the getCurrentDBVersion function in the credential handler library SAMwinLIBVB.dll, which relies on hard-coded credentials for authentication. This leads to potential credential exposure and unauthorized...

Telecommunication Software SAMwin Contact Center Suite 信任管理问题漏洞

Telecommunication Software SAMwin Contact Center Suite is a highly versatile and flexible contact center software solution from Telecommunication Software. A security vulnerability exists in Telecommunication Software SAMwin Contact Center Suite version 5.1, which stems from a function...

Rakuten Mobile Rakuten Casa Trust Management Issue Vulnerability

Rakuten Mobile Rakuten Casa is a small base station from Rakuten Mobile Japan, Inc. A trust management issue vulnerability exists in Rakuten Mobile Rakuten Casa APFV200 and APFV141 versions, which stems from the presence of hard-coded credentials in the application code. An unauthenticated, remot...

Multiple vulnerabilities in Rakuten Casa

Overview Rakuten Casa provided by Rakuten Mobile, Inc. contains multiple vulnerabilities listed below. Use of Hard-coded Credentials CWE-798 - CVE-2022-29525 Improper Access Control CWE-284 - CVE-2022-28704 Improper Access Control CWE-284 - CVE-2022-26834 CVE-2022-29525 Narumi Hirai of LAC Co.,...

JVN#46892984: Multiple vulnerabilities in Rakuten Casa

Rakuten Casa provided by Rakuten Mobile, Inc. contains multiple vulnerabilities listed below. Use of Hard-coded Credentials CWE-798 - CVE-2022-29525 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N| Base Score: 5.9 CVSS v2| AV:N/AC:M/Au:N/C:C/I:N/A:N| Base...

Hardcoded credentials

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data...

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor

Exploit Title: USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor Exploit Author: LiquidWorm !/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com |...

CVE-2022-30234

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

Bender ebee 充电控制器 信任管理问题漏洞

The ebee is a charge controller from Bender. A security vulnerability exists in the Bender ebee Charge Controller that stems from the susceptibility to hard-coded credentials. An attacker may be able to use a password to gain administrative access to the Web UI. The following products and version...

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Exploit

The USR IOT industrial router is vulnerable to hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the device. Affected versions include 1.0.36 and 1.2.7. !/usr/bin/env python...

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor

!/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com | https://www.usriot.com Affected version: 1.0.36 USR-G800V2, USR-G806, USR-G807, USR-G808 1.2.7 USR-LG220-L Summary:...