CVE-2016-8731

Hard-coded FTP credentials r:r are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device...

PT-2017-9770 · Foscam · Foscam C1

Name of the Vulnerable Software and Affected Versions: Foscam C1 version 1.9.1.12 Description: The issue concerns hard-coded FTP credentials, specifically r:r, included in the firmware. This could allow remote access to cameras connected to the internet without port 50021 blocked by an intermedia...

Cisco Ultra Services Framework Element Manager Insecure Default Credentials Vulnerability

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device. The vulnerability is due to weak, hard-coded credentials of the admin and oper user...

Multiple Vulnerabilities in CERIO DT-100G-N/DT-300N/CW-300N

CERIO DT-100G-N/DT-300N/CW-300N are wireless router products from CERIO. The CERIO DT-100G-N/DT-300N/CW-300N is vulnerable to hard-coded and default credentials, information disclosure, command injection, and backdoor vulnerabilities. It is allowed to escape a restricted shell to the root shell v...

CERIO DT-100G-NDT-300NCW-300N - Multiple Vulnerabilities

CERIO DT-100G-NDT-300NCW-300N - Multiple Vulnerabilities CERIO 11nbg 2.4Ghz High Power Wireless Router pekcmd Rootshell Backdoors Vendor: CERIO Corporation Product web page: http://www.cerio.com.tw Affected version: DT-100G-N fw: Cen-WR-G2H5 v1.0.6 DT-300N fw: Cen-CPE-N2H10A v1.0.14 DT-300N fw:...

CERIO 11nbg 2.4Ghz High Power Wireless Router (pekcmd) Rootshell Backdoors

Summary CERIO's DT-300N A4 eXtreme Power 11n 2.4Ghz 2x2 High Power Wireless Access Point with built-in 10dBi patch antennas and also supports broadband wireless routing. DT-300N A4's wireless High Power design enhances the range and stability of the device's wireless signal in office and home...

CVE-2017-9132

A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's hard-coded...

CVE-2017-9132

A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's hard-coded...

CVE-2017-9132

A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's hard-coded...

CVE-2017-9132

CVE-2017-9132 describes a hard-coded credentials flaw affecting Mimosa Client Radios, Mimosa Backhaul Radios, and Mimosa Access Points released before 2.2.3. The devices run Mosquitto to exchange data; exploitation enables an attacker to connect to the broker using embedded credentials and view m...

Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability

Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...

Hard-coded credential vulnerability in multiple Veritas products

Veritas NetBackup Appliance is an enterprise-class backup management appliance; NetBackup Server is a set of enterprise-class backup management servers that can run on multiple operating systems. A hard-coded credential vulnerability exists in multiple Veritas products. An attacker could exploit...

IBM QRadar SIEM Local Hardcoded Credential Information Disclosure Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A local hard-coded...

Hughes satellite modems contain multiple vulnerabilities

Overview Several models of Hughes high-performance broadband satellite modems are potentially vulnerable to several issues if not appropriately configured. Description Several models of Hughes high-performance broadband satellite modems are potentially vulnerable to the following issues if not...

CVE-2016-8361

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication...

CVE-2016-5818

An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device...

CVE-2016-5818

An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device...

CVE-2016-5818

CVE-2016-5818 affects Schneider Electric PowerLogic PM8ECC module up to version 2.651. The vulnerability arises from undocumented hard-coded credentials that grant access to the device, enabling remote access to configuration data. Public advisories note a remote-exploit possibility; no widely kn...

CVE-2016-8954

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

Hardcoded credentials

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...