Fortinet FortiWLC 访问控制错误漏洞

The Fortinet FortiWLC is a wireless LAN controller from Fortinet, Inc. An access control error vulnerability exists in the Fortinet FortiWLC that stems from the presence of hard-coded credentials in the application code...

Security Bulletin: IBM QRadar SIEM contains hard-coded credentials (CVE-2021-20401, CVE-2020-4932)

Summary IBM QRadar SIEM contains hard-coded credentials Vulnerability Details CVEID: CVE-2020-4932 DESCRIPTION: IBM QRadar contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or...

IBM QRadar SIEM 信任管理问题漏洞

QRadar SIEM is an IBM enterprise security information and event management product that consolidates log event and network flow data from thousands of devices, endpoints and applications scattered across the network. A hard-coded credentials vulnerability exists in IBM QRadar SIEM versions 7.3 an...

CVE-2020-4932

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 191748...

Advantech WISE-PaaS/RMM 信任管理问题漏洞

Advantech WISE-PaaS/RMM is a remote monitoring and management platform for IoT devices from Advantech Taiwan, China.Advantech WISE-PaaS/RMM versions prior to 9.0.1 are vulnerable to a trust management issue that stems from the presence of hard-coded credentials in the dashboard. An unauthenticate...

IBM QRadar SIEM 信任管理问题漏洞

QRadar SIEM is an IBM enterprise security information and event management product that consolidates log event and network flow data from thousands of devices, endpoints and applications scattered across the network. A hard-coded credentials vulnerability exists in IBM QRadar SIEM versions 7.3 an...

Advantech WISE-PaaS RMM

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WISE-PaaS/RMM Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information...

INIM ELECTRONICS SmartLiving System 信任管理问题漏洞

INIM ELECTRONICS SmartLiving System is an application of the Italian company INIM ELECTRONICS. A SmartLiving System. A security vulnerability exists in INIM ELECTRONICS SmartLiving System that stems from the use of default hard-coded credentials...

CVE-2021-30165

The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices...

Security Bulletin: Static Credential Vulnerability in IBM Spectrum Protect Plus (CVE-2020-4854)

Summary IBM Spectrum Protect Plus contains hard-coded credentials which could allow a remote attacker to gain elevated privileges. UPDATED: 24 February 2021 - Remediation/Fixes section updated with additional vSnap requirements for upgrading to 10.1.7. UPDATED: 23 April 2021 - Added 10.1.8 fix...

CVE-2021-0248

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Junip...

CVE-2021-0245

A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion satellite devices allows an attacker who is local to the device to elevate their privileges and take control of the device. This issue affects: Juniper Networks Junos OS Junos Fusion Satellite Devices. 16.1...

CVE-2021-0248

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Junip...

CVE-2021-0248

CVE-2021-0248 affects Juniper Networks Junos OS on NFX Series devices where a hard-coded credential flaw allows an attacker to take over any instance of an NFX deployment . The vulnerability is exploitable only via administrative interfaces . Affected scope is Junos OS versions prior to 19.1R1 on...

CVE-2021-0248 NFX Series: Hard-coded credentials allow an attacker to take control of any instance through administrative interfaces.

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Junip...

CVE-2021-0245 Junos OS: Junos Fusion: Hard-coded credentials on satellite devices allows a locally authenticated attacker to elevate their privileges.

A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion satellite devices allows an attacker who is local to the device to elevate their privileges and take control of the device. This issue affects: Juniper Networks Junos OS Junos Fusion Satellite Devices. 16.1...

Security Bulletin: Resilient OnPrem is affected by the use of hard-code credentials in its internal email server

Summary Security Bulletin: Resilient OnPrem is affected by the use of hard-code credentials in its internal email server Vulnerability Details Summary Resilient OnPrem has removed the use of hard-coded credentials. Vulnerability Details CVEID: CVE-2019-4534 DESCRIPTION: IBM Resilient OnPrem...

Juniper Junos OS Vulnerability (JSA11138)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11138 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable Network Security, Inc...

Hardcoded credentials

The software contains a hard-coded password that could allow an attacker to take control of the merging unit using these hard-coded credentials on the MU320E all firmware versions prior to v04A00.1...

Critical Flaws Affecting GE's Universal Relay Pose Threat to Electric Utilities

The U.S. Cybersecurity and Infrastructure Security Agency CISA has warned of critical security shortcomings in GE's Universal Relay UR family of power management devices. "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain...