3819 matches found
CVE-2020-6779
Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of...
CVE-2020-6779 Hard-coded Credentials in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server
Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of...
CVE-2020-6779
CVE-2020-6779 affects Bosch FSM-2500 and FSM-5000 servers (up to v5.2). The root cause is hard-coded credentials in the database, enabling an unauthenticated remote attacker to log in with admin privileges. Impact stated: complete compromise of confidentiality and integrity of stored data and hig...
CVE-2020-35929
In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker for unauthorized access to remote data...
CVE-2020-35929
In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker for unauthorized access to remote data...
CVE-2020-35929
In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker for unauthorized access to remote data...
CVE-2020-35929
CVE-2020-35929 concerns TinyCheck prior to commits 9fd360d and ea53de8, where the installation script contained hard-coded credentials for the backend. This creates potential for unauthorized access to remote data. The available documents identify the vulnerable component as the tool’s installati...
Kaspersky TinyCheck Trust Management Issues Vulnerability
Kaspersky TinyCheck is a software from the Russian company Kaspersky that captures network communications from smartphones or any device that can be associated with a Wi-Fi access point. TinyCheck before commits 9fd360d and ea53de8 suffers from a security vulnerability that stems from an...
Apache Flink Arbitrary File Write Vulnerability
Apache Flink is an efficient and distributed general purpose data processing platform. Apache Flink products have an arbitrary file write vulnerability that can be exploited by an attacker to read sensitive files on the server and with the help of hard-coded credentials exploit the vulnerability ...
Apache Flink Arbitrary File Read Vulnerability
Apache Flink is efficient and distributed general purpose data processing platform. Apache Flink products have an arbitrary file read vulnerability that can be exploited by an attacker to read sensitive files on the server and with the help of hard-coded credentials exploit the vulnerability to...
Apache Flink 安全漏洞
Apache Flink is efficient and distributed general purpose data processing platform. Apache Flink products have an arbitrary file read vulnerability that can be exploited by an attacker to read sensitive files on the server and with the help of hard-coded credentials exploit the vulnerability to...
CVE-2020-10207
Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve and modify the device settings...
CVE-2020-10207
CVE-2020-10207 involves use of hard-coded credentials in EntoneWebEngine on Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B devices, enabling remote attackers to retrieve and modify device settings. Affected component: EntoneWebEngine; root cause: hard-coded credentials. Impact:...
CVE-2020-10207
Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve and modify the device settings...
CVE-2020-29583 Zyxel USG Hard-Coded Admin Creds
Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. Recent...
CVE-2020-6882
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specifi...
CVE-2020-6882
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specifi...
Design/Logic Flaw
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specifi...
CVE-2020-25620
An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by default for local user accounts named [email protected] and [email protected]. These allow logins to the N-Central Administrative Console NAC and/or the regular web interface...
CVE-2020-25620
An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by default for local user accounts named [email protected] and [email protected]. These allow logins to the N-Central Administrative Console NAC and/or the regular web interface...