D-Link DIR-850L REV.B Privilege Acquisition Vulnerability

The D-Link DIR-850L REV.B is a wireless router from AUO D-Link. A security vulnerability exists in the D-Link DIR-850L REV.B using firmware FW208WWb02 and prior versions, which stems from the use of hard-coded passwords for the Alphanetworks account. A remote attacker can exploit the vulnerabilit...

Hackers Can Remotely Access Syringe Infusion Pumps to Deliver Fatal Overdoses

Internet-of-things are turning every industry into the computer industry, making customers think that their lives would be much easier with smart devices. However, such devices could potentially be compromised by hackers. There are, of course, some really good reasons to connect certain devices t...

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hardcoded Vulnerability

The Medfusion 4000 Wireless Syringe Infusion Pump is a syringe infusion pump deployed in healthcare and public health for delivering small doses of medication in acute care settings. The Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump is vulnerable to a hard-coded vulnerability where...

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hardcoded Vulnerability (CNVD-2017-25719)

The Medfusion 4000 Wireless Syringe Infusion Pump is a syringe infusion pump deployed in healthcare and public health for delivering small doses of medication in acute care settings. The Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump is vulnerable to a hard-coded vulnerability where...

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hardcoded Password Vulnerability

The Medfusion 4000 Wireless Syringe Infusion Pump is a syringe infusion pump deployed in healthcare and public health for delivering small doses of medication in acute care settings. The Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump is vulnerable to a hard-coded password...

Barracuda Load Balancer Hard-Coded Weak Credentials Vulnerability

Barracuda Load Balancer is an application delivery controller from Barracuda Networks. The controller provides protection against intrusions and attacks while optimizing application load and providing performance support. A security vulnerability exists in Barracuda Load Balancer version 5.0.0.01...

Multiple Westermo devices hard-coded to use encryption key vulnerability

The Westermo MRD-305-DIN, MRD-315 and MRD-355 are all router products from Westermo, Sweden. A security vulnerability exists in multiple Westermo devices. An attacker could exploit the vulnerability to decode traffic from other sources...

CVE-2014-8426

CVE-2014-8426 affects Barracuda Load Balancer ADC with firmware 5.0.0.015, where hard-coded weak credentials are present. Connected sources describe a hard-coded credential issue and related weaknesses (including SSH key issues and offline password-reset vectors) that could enable unauthorized ac...

Multiple Westermo Routers Hardcoded Password Vulnerability

The RD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. Multiple Westermo routers are vulnerable to a hard-coded password vulnerability where the device uses a hard-coded special key that allows an attacker to decrypt traffic from any other source...

Hardcoded credentials

A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source...

Hardcoded credentials

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device...

CVE-2017-12709

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device...

CVE-2017-12709

CVE-2017-12709 describes a local-authentication vulnerability in Westermo MRD-305-DIN (older than 1.7.5.0) and MRD-315, MRD-355, MRD-455 (older than 1.7.5.0). The root cause is the use of hard-coded credentials, which could allow an unauthorized local user with low privileges to access the device...

Multiple Westermo Routers Hardcoded for Unauthorized Access Vulnerability

The RD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. Multiple Westermo routers have a hard-coded unauthorized access vulnerability, where the device uses hard-coded credentials that allow a local attacker to exploit the vulnerability to gain unauthorized access to the...

ICSA-17-236-01_Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455

CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Westermo Equipment: MRD-305-DIN, MRD-315, MRD-355, and MRD-455 Vulnerabilities: Cross-Site Request Forgery CSRF, Use of Hard-Coded Credentials, and Use of Hard-Coded Cryptographic Key AFFECTED PRODUCTS The following...

ICSMA-17-229-01_Philips' DoseWise Portal Vulnerabilities

OVERVIEW Philips has identified Hard-coded Credentials and Cleartext Storage of Sensitive Information vulnerabilities in Philips’ DoseWise Portal DWP web application. Philips has updated product documentation and produced a new version that mitigates these vulnerabilities. These vulnerabilities...

Intercom MaLion for Windows and Mac Hard-Coded Encryption Key Vulnerability

Intercom MaLion for Windows and MaLion for Mac are both products of Intercom Japan. Intercom MaLion for Windows is an IT asset management solution based on the Windows platform. maLion for Mac is a version based on the Mac platform. A security vulnerability exists in Intercom MaLion versions 3.2....

New IoT Bill Proposes Security Standards for Smart Devices

By this time, almost every one of you owns at least one internet-connected device—better known as the "Internet of things"—at your home, but how secure is your device? We have recently seen Car hacking that could risk anyone's life, Hoverboard hacking, even hacking of a so-called smart Gun and al...

Trend Micro Deep Discovery Director Hard-Coded Archive File Password Vulnerability

Trend Micro Deep Discovery is a protection product from Trend Micro that detects and identifies hard-to-find threats in real time and proposes solutions. director is one of the built-in solutions with the ability to update and upgrade various programs in Deep Discovery. A security vulnerability...

New Bill Seeks Basic IoT Security Standards

Lawmakers in the U.S. Senate today introduced a bill that would set baseline security standards for the government's purchase and use of a broad range of Internet-connected devices, including computers, routers and security cameras. The legislation, which also seeks to remedy some widely-perceive...