CVE-2017-9656

The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...

CVE-2017-9656

This CVE (CVE-2017-9656) affects Philips DoseWise Portal (DWP) Backend DB credentials in versions 1.1.7.333 and 2.1.1.3069. The root cause is hard-coded credentials in backend system files, granting a database account with privileges that can affect confidentiality, integrity, and availability. E...

CVE-2017-9656

The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...

Prisma Industriale Checkweigher PrismaWEB Hardcoded Credentials Vulnerability

Prisma Industriale Checkweigher PrismaWEB is a management system for checkweighers from Prisma Italia. A security vulnerability exists in Prisma Industriale Checkweigher PrismaWEB version 1.21. A remote attacker can exploit the vulnerability by reading the file user/scripts/loginpar.js to obtain ...

CVE-2018-7241

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules...

CVE-2018-7241

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules...

Multiple Vulnerabilities in TVT DVR/NVR/IPC

Shenzhen Tongwei Digital Technology Co., Ltd TVT for short is an international first-class product and system solution provider in the field of video security integrating R&D, production, sales and service, providing video security products and solutions with core competitiveness for users in mor...

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard...

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass

Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard coded cookie. Using any cookie manager extension, an...

FiberHome VDSL2 Modem HG 150-UB Login Bypass Vulnerability

Exploit for hardware platform in category web applications Exploit Title: FiberHome VDSL2 Modem HG 150-UB Login Bypass Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ The vulnerability exists in plain text & hard coded cookie. Using any cookie manager extension, an attacke...

FiberHome VDSL2 Modem HG 150-UB Login Bypass

Exploit Title: FiberHome VDSL2 Modem HG 150-UB Login Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ The vulnerability exists in plain text & hard coded cookie. Using any cookie manager extension, an attacker can bypass login page by setting the...

Moxa AWK-3131A Wireless Access Point Hardcoded Administrator Certificate Vulnerability

The Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa. A security vulnerability exists in the Moxa AWK-3131A Wireless Access Point using firmware version 1.1, which originates from the use of hard-coded credentials by a root account. An attacker could use the vulnerability to ta...

Hardcoded credentials

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...

CVE-2016-8717

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...

CVE-2016-8717

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...

CVE-2016-8717

CVE-2016-8717 affects Moxa AWK-3131A Wireless Access Point with firmware 1.1. The device OS contains an undocumented privileged root account with hard-coded credentials, enabling full control of affected devices. Public TALOS and relevant advisories confirm an exploitable hard-coded credentials v...

VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials

VideoFlow Digital Video Protection DVP 2.10 - Hard-Coded Credentials VideoFlow Digital Video Protection DVP 10 Authenticated Root Remote Code Execution Vendor: VideoFlow Ltd. Product web page: http://www.video-flow.com Affected version: 2.10 X-Prototype-Version: 1.6.0.2 System = Indicate if the D...

VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials

VideoFlow Digital Video Protection DVP 10 Authenticated Root Remote Code Execution Vendor: VideoFlow Ltd. Product web page: http://www.video-flow.com Affected version: 2.10 X-Prototype-Version: 1.6.0.2 System = Indicate if the DVP is configured as Protector, Sentinel or Fortress Version = The...

PT-2018-3750 · Moxa · Wdr-3124A Series +5

Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless Access Point version 1.1 OnCell G3470A-LTE Series affected versions not specified WDR-3124A Series affected versions not specified TAP-323 Series affected versions not specified WAC-1001 Series affected versions not...

VideoFlow Digital Video Protection DVP 10 Authenticated Root Remote Code Execution

VideoFlow Digital Video Protection DVP 10 Authenticated Root Remote Code Execution Vendor: VideoFlow Ltd. Product web page: http://www.video-flow.com Affected version: 2.10 X-Prototype-Version: 1.6.0.2 System = Indicate if the DVP is configured as Protector, Sentinel or Fortress Version = The...