Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)

/ Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007 Specific hard-coded addresses for IOS 12.318 on a 2621XM router Removes the requirement to authenticate and escalates to level 15 To protect the innocent a critical step has been omitte...

CVE-2008-0961

EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypass authentication via the RPC interface...

PT-2008-2569 · Emv · Emc Diskxtender

Name of the Vulnerable Software and Affected Versions: EMV DiskXtender version 6.20.060 Description: The issue allows remote attackers to bypass authentication due to a hard-coded login and password. This can be exploited via the RPC interface. Recommendations: For version 6.20.060, consider...

CVE-2008-1160

ZyXEL ZyWALL 1050 is affected by CVE-2008-1160 due to a hard-coded default password for the Quagga/Zebra routing daemons. The vulnerability allows remote attackers to gain privileges by authenticating with the default credentials (password: zebra) on Quagga/RIP ports 2601 and 2602 and Quagga/OSPF...

CVE-2008-1160

ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote attackers to gain privileges...

PT-2008-1001 · Zyxel +1 · Zywall Usg 300 +3

Name of the Vulnerable Software and Affected Versions: ZyXEL ZyWALL 1050 affected versions not specified ZyXEL ZyWALL USG 300 affected versions not specified Description: The issue is related to a hard-coded password for the Quagga and Zebra processes in the ZyXEL ZyWALL firewall/router operating...

CVE-2008-1079

The outboxWriteUnsent function in FTPThread.class in SendFile.jar for Beehive Software SendFile.NET uses hard-coded credentials for an FTP server, which allows remote attackers to gain privileges...

CVE-2008-1079

CVE-2008-1079 affects Beehive Software SendFile.NET. The outboxWriteUnsent function in FTPThread.class within SendFile.jar uses hard-coded credentials for an FTP server, allowing remote attackers to gain privileges. The provided documents do not specify a patch or workaround; exploitation details...

TBDev torrent tacker script backdoor - FAKE

On connection with hard coded key with hash "0bffd3d87e7267c7fe686e20acbee7ab" all database tables are dropped...

CVE-2007-2040

Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192...

CVE-2007-2040

Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192...

CVE-2007-2032

Cisco Wireless Control System WCS before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014...

CVE-2007-2032

Cisco Wireless Control System WCS before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014...

Hardcoded credentials

Cisco Wireless Control System WCS before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014...

CVE-2007-2040

This CVE (CVE-2007-2040) affects Cisco Aironet 1000/1500 Lightweight Access Points, with hard-coded credentials allowing an attacker with physical access to perform arbitrary actions on the device. Affected firmware versions are before 3.2.185.0 for 1000/1500 lightweight APs and before 4.0.206.0 ...

CVE-2007-2032

Cisco Wireless Control System WCS before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014...

CVE-2007-2032

Cisco Wireless Control System (WCS) prior to 4.0.96.0 contains a hard-coded FTP username and password used for backup operations. This credential flaw can allow remote attackers to read and modify arbitrary files via unspecified vectors related to the FTP server’s properties (Bug CSCse93014). The...

CVE-2007-2040

Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192...

CVE-2006-7142

The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in executable programs for encrypted configuration files, which allows attackers to recover the keys from the configuration files and decrypt the disk drive...

PT-2007-1420 · Utimaco · Utimaco Safeguard

Name of the Vulnerable Software and Affected Versions: Utimaco Safeguard affected versions not specified Description: The centralized management feature of Utimaco Safeguard stores hard-coded cryptographic keys in executable programs for encrypted configuration files. This allows attackers to...