Juniper Contrail Information Disclosure Vulnerability

Juniper Contrail is a suite of cloud-based security solutions from Juniper Networks, Inc. The solution provides intelligent automation, application security and reliability for cloud and NFV. A security vulnerability exists in the ifmap service in Juniper Contrail that stems from the program's us...

CVE-2017-10616

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and ha...

CVE-2017-10616

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and ha...

CVE-2017-10616

CVE-2017-10616 affects Juniper Contrail’s ifmap service and stems from hard-coded credentials in the bundled ifmap component. Affected releases include Contrail 2.2 before 2.21.4; 3.0 before 3.0.3.4; 3.1 before 3.1.4.0; and 3.2 before 3.2.5.0. This CVE can be chained with CVE-2017-10617, contribu...

CVE-2017-10616 Contrail: hard coded credentials

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and ha...

PT-2017-11411 · Juniper Networks · Contrail

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and ha...

Complain Management System - Hard-Coded Credentials Blind SQL injection

Complain Management System - Hard-Coded Credentials Blind SQL injection Exploit Title : Complain Management System Blind SQL Injection Date: 10 October 2017 Exploit Author: havysec Tested on: ubuntu14.04 Vendor: https://sourceforge.net/projects/complain-management-system/ Version: not supplied...

Complain Management System - Hard-Coded Credentials / Blind SQL injection

Exploit Title : Complain Management System Blind SQL Injection Date: 10 October 2017 Exploit Author: havysec Tested on: ubuntu14.04 Vendor: https://sourceforge.net/projects/complain-management-system/ Version: not supplied Download Software:...

FLIR Systems Cameras Multiple Vulnerabilities

FLIR Systems FLIR Thermal/Infrared Camera FC-Series S, FC-Series ID, PT-Series are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FLIR Systems Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes 5 five vulnerabilities found in FLIR Systems FLIR Thermal/Infrared Camera FC-Series S, FC-Series ID, PT-Series. FLIR – “Best-in-class thermal cameras with on-board analytics for high-performance intrusion detection. The new FC-Series ID...

FLIR Thermal Camera F/FC/PT/D - SSH Backdoor Access

FLIR Systems FLIR Thermal Camera F/FC/PT/D Hard-Coded SSH Credentials Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA and 1.3.2 FC-Series S FC-334-NTSC FC-Series ID...

FLIR Thermal Camera FFCPTD - SSH Backdoor Access

FLIR Thermal Camera FFCPTD - SSH Backdoor Access FLIR Systems FLIR Thermal Camera F/FC/PT/D Hard-Coded SSH Credentials Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA...

CVE-2017-12928

A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 all known versions allows remote attackers to log in via SSH and escalate privileges to root access with the same credentials...

Hardcoded credentials

A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 all known versions allows remote attackers to log in via SSH and escalate privileges to root access with the same credentials...

CVE-2017-12928

A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 all known versions allows remote attackers to log in via SSH and escalate privileges to root access with the same credentials...

CVE-2017-12928

CVE-2017-12928 affects TecnoVISION DLX Spot Player4. The root cause is a hard-coded password (tecn0visi0n) for the dlxuser account, allowing remote SSH login and privilege escalation to root on all known versions. Exploitation and impact are documented in multiple sources (NVD/CNVD/OpenVAS refere...

Huawei FusionSphere OpenStack Information Disclosure Vulnerability (CNVD-2017-34443)

Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. Huawei FusionSphere OpenStack suffers from an...

CVE-2017-9649

A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants including RSD31-AM Package, DRM-1/2 and variants including Solar PWR Package, DRM and RDS Based Boundary Monitors, External...

Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability(CVE-2016-8717)

Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...

Foscam C1 Webcam FTP Hard Coded Password Vulnerability(CVE-2016-8731)

Summary Hard-coded FTP credentials r:r are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device. Tested Versions Foscam C1 Firmware Version...