Multiple Vulnerabilities in CERIO DT-100G-N/DT-300N/CW-300N

CERIO DT-100G-N/DT-300N/CW-300N are wireless router products from CERIO. The CERIO DT-100G-N/DT-300N/CW-300N is vulnerable to hard-coded and default credentials, information disclosure, command injection, and backdoor vulnerabilities. It is allowed to escape a restricted shell to the root shell v...

CERIO 11nbg 2.4Ghz High Power Wireless Router (pekcmd) Rootshell Backdoors

Summary CERIO's DT-300N A4 eXtreme Power 11n 2.4Ghz 2x2 High Power Wireless Access Point with built-in 10dBi patch antennas and also supports broadband wireless routing. DT-300N A4's wireless High Power design enhances the range and stability of the device's wireless signal in office and home...

CERIO DT-100G-NDT-300NCW-300N - Multiple Vulnerabilities

CERIO DT-100G-NDT-300NCW-300N - Multiple Vulnerabilities CERIO 11nbg 2.4Ghz High Power Wireless Router pekcmd Rootshell Backdoors Vendor: CERIO Corporation Product web page: http://www.cerio.com.tw Affected version: DT-100G-N fw: Cen-WR-G2H5 v1.0.6 DT-300N fw: Cen-CPE-N2H10A v1.0.14 DT-300N fw:...

CVE-2017-9132

A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's hard-coded...

Hardcoded credentials

A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's hard-coded...

CVE-2017-9132

A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's hard-coded...

CVE-2017-9132

CVE-2017-9132 describes a hard-coded credentials flaw affecting Mimosa Client Radios, Mimosa Backhaul Radios, and Mimosa Access Points released before 2.2.3. The devices run Mosquitto to exchange data; exploitation enables an attacker to connect to the broker using embedded credentials and view m...

CVE-2017-9132

A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's hard-coded...

CVE-2014-9931

A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value...

Cisco Unified Contact Center Enterprise Information Disclosure Vulnerability (CNVD-2017-08798)

Cisco Unified Contact Center Enterprise UCCE is a set of IP-based contact center components from Cisco. It provides intelligent contact routing, call processing, network-to-desktop computer telephony integration CTI, and multi-channel contact management capabilities over an IP infrastructure. A...

CVE-2017-6626

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE 11.51 and 11.61 could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account tha...

CVE-2017-6626

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE 11.51 and 11.61 could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account tha...

CVE-2017-6626

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE 11.51 and 11.61 could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account tha...

Cisco Finesse for Cisco Unified Contact Center Enterprise Information Disclosure Vulnerability

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account that has an...

Man-in-the-Middle (MitM)

github.com/heroku/force is vulnerable to man-in-the-middle attack. The attack is possible because it uses hard-coded root certificates and InsecureSkipVerify function of force.go...

Hyundai Motor America Blue Link Sensitive Information Disclosure Vulnerability

Hyundai Motor America Blue Link is a remote wireless remote control device for use in automobiles. A sensitive information disclosure vulnerability exists in Hyundai Motor America Blue Link versions 3.9.5 and 3.9.4, which stems from the program's use of hard-coded passwords. An attacker could...

CVE-2017-6054

A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user information...

TP-Link TL-SG108E Encryption Issue Vulnerability

The TP-Link TL-SG108E is a Gigabit Ethernet switch. A security vulnerability exists in the TP-Link TL-SG108E version 1.0 using firmware version 1.1.2 Build 20141017 Rel.50749, which stems from the program's use of hard-coded encryption keys. An attacker could exploit the vulnerability to obtain...

CVE-2017-8077

On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key a long string beginning with Ei2HNryt. This affects the 1.1.2 Build 20141017 Rel.50749 firmware...

CVE-2017-8077

On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key a long string beginning with Ei2HNryt. This affects the 1.1.2 Build 20141017 Rel.50749 firmware...