Security Bulletin: Multiple Vulnerabilities Affect IBM Secure Proxy

Summary There are multiple vulnerabilities in IBM Secure Proxy. IBM Secure Proxy has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-29723 DESCRIPTION: IBM Sterling Secure Proxy uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly...

D-Link DVG-3104MS Default Account Vulnerability

A security vulnerability exists in D-Link DVG-3104MS, a gateway from D-Link, Taiwan, China, due to the fact that D-Link DVG-3104MS versions 1.0.2.0.3, 1.0.2.0.4 and 1.0.2.0.4E contain " /etc/passwd" file that does not record hard-coded credentials for user accounts. An attacker could exploit this...

D-Link DSR-500N Default Account Vulnerability

A security vulnerability exists in the D-Link DSR-500N, a wireless router from D-Link, Taiwan, China, which stems from the fact that version 1.02 of the D-Link DSR-500N contains hard-coded credentials for user accounts that are not documented in the "etc/passwd" file. The vulnerability is caused ...

D-Link DVX-2000MS Default Account Vulnerability

A security vulnerability exists in the D-Link DVX-2000MS, a hardware for IP telephony systems from D-Link in Taiwan, China. file contains hard-coded credentials that do not record user accounts. An attacker could exploit this vulnerability to recover plaintext passwords from hash values...

CVE-2021-39615

D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...

CVE-2021-39613

D-Link DVG-3104MS version 1.0.2.0.3, 1.0.2.0.4, and 1.0.2.0.4E contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. As weak passwords have been used, the plaintext passwords can be recovered from the hash values. NOTE: This vulnerability only affects products...

CVE-2021-39614

D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. As weak passwords have been used, the plaintext passwords can be recovered from the hash values...

CVE-2021-39615

D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...

Hardcoded credentials

D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. As weak passwords have been used, the plaintext passwords can be recovered from the hash values...

CVE-2021-39615

D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...

CVE-2021-39615

The D-Link DSR-500N is affected by CVE-2021-39615 in version 1.02, where hard-coded credentials for undocumented accounts in /etc/passwd allow an attacker to log in via SSH or Telnet and gain access to the embedded Linux OS. The issue is fixed in firmware version 2.12/2. This vulnerability is not...

CVE-2021-39614

CVE-2021-39614 affects D-Link DVX-2000MS. The vulnerability arises from hard-coded credentials for undocumented user accounts stored in the "/etc/passwd" file, with weak passwords allowing plaintext passwords to be recovered from hash values. The connected documents confirm the product and the ro...

CVE-2021-39614

D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. As weak passwords have been used, the plaintext passwords can be recovered from the hash values...

CVE-2021-39613

The CVE affects D-Link DVG-3104MS devices (firmware versions 1.0.2.0.3, 1.0.2.0.4, and 1.0.2.0.4E) where hard-coded credentials for undocumented accounts exist in /etc/passwd. This leads to plaintext passwords recoverable from stored hashes, with impact described as confidentially/high integrity/...

CVE-2021-39613

D-Link DVG-3104MS version 1.0.2.0.3, 1.0.2.0.4, and 1.0.2.0.4E contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. As weak passwords have been used, the plaintext passwords can be recovered from the hash values. NOTE: This vulnerability only affects products...

多款Altus Sistemas de Automacao设备信任管理问题漏洞

Altus Sistemas de Automacao Nexto NX30xx, among others, is an industrial automation device from Brazilian company Altus Sistemas de Automacao. A security vulnerability exists in several Altus Sistemas de Automacao devices, which stems from the presence of hard-coded .htaccess credentials for...

PT-2021-22677 · D Link · D-Link Dvg-3104Ms

Name of the Vulnerable Software and Affected Versions: D-Link DVG-3104MS versions 1.0.2.0.3 through 1.0.2.0.4E Description: The issue concerns hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. Weak passwords have been used, allowing plaintext passwords to be recover...

D-Link DVX-2000MS 信任管理问题漏洞

A security vulnerability exists in the D-Link DVX-2000MS, a hardware for IP telephony systems from D-Link in Taiwan, China. file contains hard-coded credentials that do not record user accounts. An attacker could exploit this vulnerability to recover plaintext passwords from hash values...

PT-2021-4449 · D Link · Dsr-500N

Name of the Vulnerable Software and Affected Versions: D-Link DSR-500N version 1.02 D-Link DSR-500N versions prior to 2.12/2 Description: The issue is related to hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. If an attacker recovers the cleartext password of the...

D-Link DSR-500N 信任管理问题漏洞

A security vulnerability exists in the D-Link DSR-500N, a wireless router from D-Link, Taiwan, China, which stems from the fact that version 1.02 of the D-Link DSR-500N contains hard-coded credentials for user accounts that are not documented in the "etc/passwd" file. The vulnerability is caused ...