CVE-2026-25803 3DP-MANAGER Uses Hard-coded Credentials

3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials admin/admin upon the first initialization. Attackers with network access to the application's login interface can gain full...

CVE-2026-25803 3DP-MANAGER Uses Hard-coded Credentials

3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials admin/admin upon the first initialization. Attackers with network access to the application's login interface can gain full...

CVE-2026-25803

CVE-2026-25803 – 3DP-MANAGER uses hard-coded admin credentials . The Red Hat, NVD, and related feeds report that, through version 2.0.1 and earlier, 3DP-MANAGER automatically creates an administrative account with default credentials (admin/admin) on first initialization. If an attacker can reach...

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the deriveVaultKey function. An attacker can recover a significant portion of the cryptographic key by brute-forcing the remaining unpredictable bytes if they have physical access to the device...

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the deriveVaultKey function. An attacker can recover a significant portion of the cryptographic key by brute-forcing the remaining unpredictable bytes if they have physical access to the device...

Use of Hard-coded Credentials

Overview fuxa-server is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the jwt-helper.js when verifying JWT tokens. An attacker can gain unauthorized administrative access by forging valid tokens...

Vulnerabilities fixed in SolarWinds Web Help Desk

SolarWinds has fixed vulnerabilities in SolarWinds Web Help Desk. The vulnerabilities include the ability for unauthenticated attackers to gain access to limited functionality within the system, the use of hard-coded credentials that could grant unauthorized access to administrative functions, an...

CVE-2026-1610

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

CVE-2026-1610

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

CVE-2026-1610

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

CVE-2026-1610

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

EUVD-2026-4968

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

CVE-2026-1610

CVE-2026-1610 affects Tenda AX12 Pro V2 (firmware 16.03.49.24_cn). The Telnet Service contains a vulnerability that allows remote manipulation leading to hard-coded credentials. Exploitation is described as remote, with high complexity, and the exploit has been publicly disclosed. No remediation ...

SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could result in authentication bypass and remote code execution RCE. The list of vulnerabilities is as follows - CVE-2025-40536 CV...

PT-2026-5329

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24 cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is neede...

Tenda AX12 Pro Trust Management Vulnerability

The Tenda AX12 Pro is a router produced by the Chinese company Tenda. The Tenda AX12 Pro V2 16.03.49.24cn version has a vulnerability related to trust management. This vulnerability stems from hard-coded credentials in the Telnet Service...

SolarWinds Web Help Desk Trust Management Vulnerability

SolarWinds Web Help Desk is a service desk and asset management software provided by the American company SolarWinds. This software supports centralized knowledge bases, IT asset management, project and task management functions, etc. There is a vulnerability related to trust management in...

CVE-2025-58744

Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key. This issue affects ImageDirector Capture: from...