8034 matches found
CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...
EUVD-2026-4968
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...
SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass
SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could result in authentication bypass and remote code execution RCE. The list of vulnerabilities is as follows - CVE-2025-40536 CV...
Tenda AX12 Pro Trust Management Vulnerability
The Tenda AX12 Pro is a router produced by the Chinese company Tenda. The Tenda AX12 Pro V2 16.03.49.24cn version has a vulnerability related to trust management. This vulnerability stems from hard-coded credentials in the Telnet Service...
PT-2026-5329
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24 cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is neede...
SolarWinds Web Help Desk Trust Management Vulnerability
SolarWinds Web Help Desk is a service desk and asset management software provided by the American company SolarWinds. This software supports centralized knowledge bases, IT asset management, project and task management functions, etc. There is a vulnerability related to trust management in...
Dokploy Trust Management Vulnerability
Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy prior to 0.26.6 contained a vulnerability related to trust management. This vulnerability stemmed from hard-coded credentials in the installation script, which could lead to the exposure of database credentials...
CVE-2025-59095
The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...
CVE-2025-59096
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2026-22586
Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January...
CVE-2025-59096
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2025-59096
CVE-2025-59096 describes a weak default password in dormakaba Kaba exos 9300 (U9ExosAdmin.exe, extended admin mode). Root cause: hard-coded default password present in multiple locations and in local user docs. Impact (per provided data): local attacker with HIGH privileges and LOCAL access could...
CVE-2025-59096 Weak Default Password in dormakaba Kaba exos 9300
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
EUVD-2025-206360
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2025-59096
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2025-59095
The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...
CVE-2025-59095
CVE-2025-59095 affects dormakaba Kaba exos 9300 software. Public descriptions in multiple sources indicate that DLLs/binaries (notably Kaba.EXOS.common.dll) use a hard-coded, static cryptoKey with a simple XOR-based encrypt/decrypt routine to process user PINs before storing them in MSSQL. The ro...
CVE-2025-59095 Hard-coded Key for PIN Encryption in dormakaba Kaba exos 9300
The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...
CVE-2025-59095 Hard-coded Key for PIN Encryption in dormakaba Kaba exos 9300
The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...
PT-2026-4746
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...