Lucene search
K

8078 matches found

CVE
CVE
added 2022/09/16 2:23 p.m.64 views

CVE-2022-38823

CVE-2022-38823 affects TOTOLINK T6 V4.1.5cu.709_B20210518, where a hard-coded root password is stored in /etc/shadow.sample. The vulnerability is described consistently across NVD, Red Hat, CVE feeds, and CNVD references, indicating a high-severity issue with CVSS 3.1 base score 9.8 (NETWORK atta...

9.8CVSS9.4AI score0.00916EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.4 views

PT-2022-6643 · Unknown · Diaenergie

Name of the Vulnerable Software and Affected Versions: DIAEnergie versions prior to 1.9.03.009 Description: The issue is related to the use of hard-coded credentials in the DIAEnergie industrial energy management system. This allows a remote attacker to execute arbitrary code by uploading...

10CVSS7.5AI score0.01488EPSS
Exploits0References10
GithubExploit
GithubExploit
added 2022/09/15 8:29 a.m.621 views

Exploit for Use of Hard-coded Credentials in Automationanywhere Automation_360

CVE-2022-29856-PoC Minimal...

7.5CVSS7.7AI score0.0152EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2022/09/15 12:0 a.m.7 views

PT-2022-23237 · Contec · Contec Fxa3200

Name of the Vulnerable Software and Affected Versions: Contec FXA3200 versions 1.13 and under Description: The issue concerns a hard-coded hash password for the root user stored in the /etc/shadow component. This password is weak and can be cracked in a few minutes. Once the password is obtained,...

8.8CVSS8.7AI score0.00947EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2022/09/08 8:15 a.m.1 views

CVE-2022-38394

Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...

9.8CVSS7.6AI score0.00913EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/09/08 8:15 a.m.12 views

CVE-2022-38394

Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...

9.8CVSS0.00913EPSS
Exploits0References2
OSV
OSV
added 2022/09/08 8:15 a.m.4 views

CVE-2022-38394

Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...

9.8CVSS6AI score0.00913EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/08 7:10 a.m.20 views

CVE-2022-38394

Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...

9.9AI score0.00913EPSS
Exploits0References2
CVE
CVE
added 2022/09/08 7:10 a.m.59 views

CVE-2022-38394

CVE-2022-38394 affects CentreCOM AR260S V2 firmware prior to 3.3.7. The telnet service uses hard-coded credentials, enabling a remote unauthenticated attacker to execute arbitrary OS commands. Affected product is CentreCOM AR260S V2; remediation is to update to firmware 3.3.7 or later and/or disa...

9.8CVSS9.6AI score0.00913EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/09/08 12:0 a.m.2 views

TOTOLINK A860R /etc/shadow.sample hardcoded vulnerability

TOTOLINK A860R is a dual-band wireless router with a maximum transmission rate of 1200Mbps, 6-antenna dual-band concurrent technology, and support for remote management by mobile APP, which is suitable for small and medium-sized enterprises and home network environments. The TOTOLINK A860R suffer...

7.5CVSS7.2AI score0.00572EPSS
Exploits0References1
NVD
NVD
added 2022/09/06 5:15 p.m.17 views

CVE-2022-37841

In TOTOLINK A860R V4.1.2cu.5182B20201027 there is a hard coded password for root in /etc/shadow.sample...

7.5CVSS0.00572EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/06 4:39 p.m.26 views

CVE-2022-37841

In TOTOLINK A860R V4.1.2cu.5182B20201027 there is a hard coded password for root in /etc/shadow.sample...

7.9AI score0.00572EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.3 views

TOTOLINK A860R 信任管理问题漏洞

TOTOLINK A860R is a dual-band wireless router with a maximum transmission rate of 1200Mbps, 6-antenna dual-band concurrent technology, and support for remote management by mobile APP, which is suitable for small and medium-sized enterprises and home network environments. The TOTOLINK A860R suffer...

7.5CVSS7AI score0.00572EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/06 12:0 a.m.5 views

PT-2022-24110 · Totolink · Totolink A860R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A860R version 4.1.2cu.5182 B20201027 Description: The issue concerns a hard-coded password for the root user, located in the /etc/shadow.sample file. Recommendations: For TOTOLINK A860R version 4.1.2cu.5182 B20201027, consider changi...

7.5CVSS7.6AI score0.00572EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/09/02 9:8 a.m.2 views

Multiple vulnerabilities in Contec FLEXLAN FX3000 and FX2000 series

Overview FLEXLAN FX3000 and FX2000 series provided by Contec Co., Ltd. contain multiple vulnerabilities listed below. Hidden Functionality CWE-912 - CVE-2022-36158 Use of Hard-coded Credentials CWE-798 - CVE-2022-36159 Thomas J. Knudsen and Samy Younsi of Necrum Security Labs reported these...

8.8CVSS7.5AI score0.01431EPSS
Exploits2References10
ICS
ICS
added 2022/09/01 6:0 a.m.48 views

Contec Health CMS8000 Patient Monitor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Contec Health Equipment: CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor Vulnerabilities: Improper Access Control, Uncontrolled Resource Consumption, Use of Hard-Coded Credentials, Active Debug Code 2. RISK EVALUATION...

7.5CVSS7AI score0.00768EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2022/09/01 3:15 a.m.2 views

CVE-2022-36672

Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session...

9.8CVSS6.9AI score0.00948EPSS
Exploits1References2
NVD
NVD
added 2022/09/01 3:15 a.m.20 views

CVE-2022-36672

Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session...

9.8CVSS0.00948EPSS
Exploits1References1
OSV
OSV
added 2022/09/01 3:15 a.m.13 views

CVE-2022-36672

Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session...

9.8CVSS7.1AI score
Exploits0References1
Cvelist
Cvelist
added 2022/09/01 2:8 a.m.23 views

CVE-2022-36672

Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session...

9.5AI score0.00948EPSS
Exploits1References1
Rows per page
Query Builder