8071 matches found
Citrix SD-WAN Trust Management Issue Vulnerability
Citrix SD-WAN is a networking product from Citrix, Inc. It virtualizes and optimizes enterprise site-to-site networks. A security vulnerability exists in Citrix SD-WAN that stems from hard-coded credentials that allow administrators to access the shell via the SD-WAN CLI...
CVE-2022-27506
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI...
CVE-2022-22560
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline...
CVE-2022-22560
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline...
CVE-2022-22560
Dell EMC PowerScale OneFS 8.1.x–9.1.x is affected by a vulnerability due to hard coded credentials that allow a locally authenticated attacker to log in as the admin user to the backend Ethernet switch of a PowerScale cluster, potentially taking the switch offline. Root cause: hard coded credenti...
CVE-2022-22560
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline...
Citrix SD-WAN Security Bulletin for CVE-2022-27505 and CVE-2022-27506
Vulnerabilities have been discovered in multiple Citrix SD-WAN products. These vulnerabilities, if exploited, could result in the following security issues:

CVE-ID | Description | CWE | Affected Products | Pre-conditions
---|---|---|---|---
CVE-2022-27505 | Reflected cross site scripting (XSS) | CWE-79:...
Fortinet FortiEDR Trust Management Issue Vulnerability (CNVD-2022-47976)
Fortinet FortiEDR is a built-from-scratch endpoint security solution from Fortinet (USA). Fortinet FortiEDR is vulnerable to a trust management issue that stems from the use of hard-coded encrypted RSA keys, which can be exploited by local attackers to disable and uninstall collectors from endpoints in...
CVE-2022-26671
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system settings to cause partial disruption of service...
CVE-2022-26671
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system settings to cause partial disruption of service...
CVE-2022-26671 TAIWAN SECOM CO., LTD., a xDoor Access Control and Personnel Attendance Management system - Hard-coded Credentials
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system settings to cause partial disruption of service...
CVE-2022-26671
CVE-2022-26671 affects Taiwan Secom Dr.ID Access Control system’s login page, where a hard-coded credential in the source code allows an unauthenticated remote attacker to obtain partial system information and modify system settings, causing partial service disruption. The available connected doc...
Taiwan Secom Dr.ID Access control Trust Management Issue Vulnerability
Taiwan Secom Dr.ID Access control is an access control system from Taiwan Secom Corporation in Taiwan, China. A security vulnerability exists in the Taiwan Secom Dr.ID Access control system due to a hard-coded credential in the source code of the login page. An unauthenticated remote attacker cou...
A vulnerability in the centralized system for managing emergency messages and events in CAMS for HIS distributed control systems CENTUM VP and CENTUM VP Entry Class, along with the OPC-server Exaopc, allows an attacker to escalate their privileges.
The vulnerability in the centralized system for managing emergency messages and events in CAMS for HIS distributed control systems CENTUM VP and CENTUM VP Entry Class, along with the OPC-server Exaopc, stems from the use of hard-coded user credentials. Exploiting this vulnerability could all...
Pepperl+Fuchs WirelessHART-Gateway
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Pepperl+Fuchs Equipment: WirelessHART-Gateway Vulnerabilities: Use of Hard-coded Credentials, Uncontrolled Resource Consumption, Reliance on Reverse DNS Resolution for a Security-critical Action, Path...
CVE-2022-23440
A use of hard-coded cryptographic key vulnerability CWE-321 in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment...
CVE-2022-23440
A use of hard-coded cryptographic key vulnerability CWE-321 in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment...
CVE-2022-23440
A use of hard-coded cryptographic key vulnerability CWE-321 in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment...
CVE-2022-23440
A use of hard-coded cryptographic key vulnerability CWE-321 in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment...
CVE-2022-23440
A use of hard-coded cryptographic key vulnerability CWE-321 in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment...