CVE-2017-14027

CVE-2017-14027 concerns Korenix JetNet industrial Ethernet switches with hard-coded credentials. Affected versions include JetNet5018G v1.4, JetNet5310G v1.4a, JetNet5428G-2G-2FX v1.4, JetNet5628G-R v1.4, JetNet5628G v1.4, JetNet5728G-24P v1.4, JetNet5828G v1.1d, JetNet6710G-HVDC v1.1e, and JetNe...

CVE-2017-14027

A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and...

Korenix JetNet Unauthorized Access Vulnerability

JetNet is a family of industrial Ethernet switch products from Clorox. An unauthorized access vulnerability exists in Korenix JetNet, which allows an attacker unauthorized access due to the software's use of undocumented hard-coded credentials...

PT-2017-3192 · Korenix · Jetnet5628G-R +7

Name of the Vulnerable Software and Affected Versions: Korenix JetNet5018G version 1.4 Korenix JetNet5310G version 1.4a Korenix JetNet5428G-2G-2FX version 1.4 Korenix JetNet5628G-R version 1.4 Korenix JetNet5628G version 1.4 Korenix JetNet5728G-24P version 1.4 Korenix JetNet5828G version 1.1d...

ZTE ZXR10 Router Multiple Vulnerabilities( CVE-2017-10931)

Vulnerabilities summary The following advisory describes five 5 vulnerabilities found in ZTE ZXR10 Router. ZXR10 ZSR V2 series router is “the next generation intelligent access router product of ZTE, which integrates routing, switching, wireless, security, and VPN gateway. The product adopts...

CVE-2017-10616

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and ha...

CVE-2017-10616

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and ha...

CVE-2017-10616 Contrail: hard coded credentials

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and ha...

CVE-2017-10616

CVE-2017-10616 affects Juniper Contrail’s ifmap service and stems from hard-coded credentials in the bundled ifmap component. Affected releases include Contrail 2.2 before 2.21.4; 3.0 before 3.0.3.4; 3.1 before 3.1.4.0; and 3.2 before 3.2.5.0. This CVE can be chained with CVE-2017-10617, contribu...

PT-2017-11411 · Juniper Networks · Contrail

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and ha...

Complain Management System - Hard-Coded Credentials Blind SQL injection

Complain Management System - Hard-Coded Credentials Blind SQL injection Exploit Title : Complain Management System Blind SQL Injection Date: 10 October 2017 Exploit Author: havysec Tested on: ubuntu14.04 Vendor: https://sourceforge.net/projects/complain-management-system/ Version: not supplied...

Complain Management System - Hard-Coded Credentials / Blind SQL injection

Exploit Title : Complain Management System Blind SQL Injection Date: 10 October 2017 Exploit Author: havysec Tested on: ubuntu14.04 Vendor: https://sourceforge.net/projects/complain-management-system/ Version: not supplied Download Software:...

FLIR Systems Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes 5 five vulnerabilities found in FLIR Systems FLIR Thermal/Infrared Camera FC-Series S, FC-Series ID, PT-Series. FLIR – “Best-in-class thermal cameras with on-board analytics for high-performance intrusion detection. The new FC-Series ID...

FLIR Systems Cameras Multiple Vulnerabilities

FLIR Systems FLIR Thermal/Infrared Camera FC-Series S, FC-Series ID, PT-Series are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FLIR Thermal Camera FFCPTD - SSH Backdoor Access

FLIR Thermal Camera FFCPTD - SSH Backdoor Access FLIR Systems FLIR Thermal Camera F/FC/PT/D Hard-Coded SSH Credentials Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA...

FLIR Thermal Camera F/FC/PT/D - SSH Backdoor Access

FLIR Systems FLIR Thermal Camera F/FC/PT/D Hard-Coded SSH Credentials Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA and 1.3.2 FC-Series S FC-334-NTSC FC-Series ID...

Hardcoded credentials

A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 all known versions allows remote attackers to log in via SSH and escalate privileges to root access with the same credentials...

Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability(CVE-2016-8717)

Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...

Hackers Can Remotely Access Syringe Infusion Pumps to Deliver Fatal Overdoses

Internet-of-things are turning every industry into the computer industry, making customers think that their lives would be much easier with smart devices. However, such devices could potentially be compromised by hackers. There are, of course, some really good reasons to connect certain devices t...

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hardcoded Vulnerability (CNVD-2017-25719)

The Medfusion 4000 Wireless Syringe Infusion Pump is a syringe infusion pump deployed in healthcare and public health for delivering small doses of medication in acute care settings. The Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump is vulnerable to a hard-coded vulnerability where...