Lucene search
K

8072 matches found

CNNVD
CNNVD
added 2022/04/26 12:0 a.m.4 views

Apache Doris 信任管理问题漏洞

Apache Doris is a modern MPP analytics database product from the Apache Foundation, USA. An information disclosure vulnerability exists in versions of Apache Doris prior to 1.0.0, which stems from the use of hard-coded keys and IVs to initialize the cipher used for ldap passwords. An attacker cou...

7.5CVSS5.6AI score0.03137EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/04/26 12:0 a.m.223 views

QNAP QTS / QuTS Hero Default Credentials

The remote QNAP QTS or QuTS Hero web administration interface uses a known set of hard-coded default credentials. An attacker can exploit this to gain administrative access to the remote host. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descriptio...

5.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/04/21 12:0 a.m.403 views

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor

!/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com | https://www.usriot.com Affected version: 1.0.36 USR-G800V2, USR-G806, USR-G807, USR-G808 1.2.7 USR-LG220-L Summary:...

0.6AI score
Exploits0
0day.today
0day.today
added 2022/04/21 12:0 a.m.398 views

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Exploit

The USR IOT industrial router is vulnerable to hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the device. Affected versions include 1.0.36 and 1.2.7. !/usr/bin/env python...

7AI score
Exploits0
NVD
NVD
added 2022/04/20 12:16 a.m.15 views

CVE-2022-24860

Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP address...

9.8CVSS0.0161EPSS
Exploits1References5
Prion
Prion
added 2022/04/20 12:16 a.m.18 views

Hardcoded credentials

Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP address...

7.5CVSS9.3AI score0.0161EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2022/04/20 12:0 a.m.2 views

Dairy Farm Shop Management System Hardcoded Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . A hard-coded vulnerability exists in the Dairy Farm Shop Management System, which stems from hard-coded credentials in the code that can be exploited by an attacker to access the control panel...

9.8CVSS7.1AI score0.02313EPSS
Exploits1References1
Zero Science Lab
Zero Science Lab
added 2022/04/20 12:0 a.m.376 views

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor

Summary USR-G806 is a industrial 4G wireless LTE router which provides a solution for users to connect own device to 4G network via WiFi interface or Ethernet interface. USR-G806 adopts high performance embedded CPU which can support 580MHz working frequency and can be widely used in Smart Grid,...

10CVSS7.3AI score0.01654EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2022/04/19 11:25 p.m.6 views

CVE-2022-24860 Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability.

Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP address...

7.4CVSS9.5AI score0.0161EPSS
Exploits1References5
CVE
CVE
added 2022/04/19 11:25 p.m.708 views

CVE-2022-24860

Databasir 1.01 contains a hard-coded cryptographic key vulnerability that lets an attacker generate login credentials for any user and access the backend service at different IP addresses. This is described across multiple sources (NVD description, Red Hat entry, CVE listings) as a use of hard-co...

9.8CVSS8.7AI score0.0161EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/04/19 11:25 p.m.25 views

CVE-2022-24860 Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability.

Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP address...

7.4CVSS9.1AI score0.0161EPSS
Exploits1References7
CNNVD
CNNVD
added 2022/04/19 12:0 a.m.4 views

Databasir 信任管理问题漏洞

Databasir is a relational database model document management platform for teams. A security vulnerability exists in Databasir 1.01, which stems from the fact that an attacker can use hard-coded login credentials to generate any user's login credentials and log in to the backend of a service locat...

9.8CVSS8.3AI score0.0161EPSS
Exploits1References7
OSV
OSV
added 2022/04/14 9:15 p.m.5 views

CVE-2020-25168

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module...

3.3CVSS5.8AI score0.00206EPSS
Exploits0References2
Prion
Prion
added 2022/04/14 9:15 p.m.20 views

Hardcoded credentials

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module...

2.1CVSS5AI score0.00206EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2022/04/14 8:6 p.m.60 views

CVE-2020-25168

Hard-coded credentials in B. Braun SpaceCom and Data module compactplus (L81/U61 and A10/A11) enable attackers with command-line access to reach the device’s Wi‑Fi module. Affected: SpaceCom, Battery Pack with Wi‑Fi, Data module compactplus. Remediation: software updates released by B. Braun (US/...

3.3CVSS4.3AI score0.00206EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/04/14 8:6 p.m.22 views

CVE-2020-25168 B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module...

3.3CVSS3.9AI score0.00206EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/04/14 8:6 p.m.7 views

CVE-2020-25168 B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module...

3.3CVSS6.8AI score0.00206EPSS
Exploits0References2
OSV
OSV
added 2022/04/13 6:15 p.m.3 views

CVE-2022-27506

Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI...

2.7CVSS5.8AI score0.00633EPSS
Exploits0References1
NVD
NVD
added 2022/04/13 6:15 p.m.17 views

CVE-2022-27506

Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI...

6.8CVSS0.00633EPSS
Exploits0References1
Prion
Prion
added 2022/04/13 6:15 p.m.11 views

Hardcoded credentials

Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI...

6.8CVSS4.5AI score0.00633EPSS
Exploits0References1Affected Software14
Rows per page
Query Builder