8070 matches found
PHPGurukul Dairy Farm Shop Management System 信任管理问题漏洞
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . A hard-coded vulnerability exists in the Dairy Farm Shop Management System, which stems from hard-coded credentials in the code that can be exploited by an attacker to access the control panel...
CVE-2022-22813
A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the TLS cryptographic key and take active control of the Courier tunneling communication network, they could potentially observe and manipulate traffic associated with product configuration...
Hardcoded credentials
A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the TLS cryptographic key and take active control of the Courier tunneling communication network, they could potentially observe and manipulate traffic associated with product configuration...
CVE-2022-22813
CVE-2022-22813 describes a CWE-798 hard-coded credentials issue in Schneider Electric Easergy P40 devices, where if an attacker obtains the TLS cryptographic key and takes control of the Courier tunneling/communication network, they could observe and manipulate product configuration traffic. Affe...
PT-2022-6633 · Schneider Electric · Schneider Electric Easergy P40
Name of the Vulnerable Software and Affected Versions: Schneider Electric Easergy P40 affected versions not specified Description: A Use of Hard-coded Credentials issue exists, potentially allowing an attacker to observe and manipulate traffic associated with product configuration if they obtain...
Siemens SICAM TOOLBOX II (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM TOOLBOX II Vulnerability: Use of Hard-coded Credentials 2. UPDATE INFORMATION This advisory update is a follow-up to the original advisory titled ICSA-22-041-05 SICAM TOOLBOX II...
Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU Use of Hard-Coded Credentials (CVE-2019-14930)
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Undocumented hard-coded user passwords for root, ineaadmin, mitsadmin, and maint could allow an attacker to gain unauthorised access to the RTU. Also, the accounts ineaadmin and mitsadm...
Schneider Electric Modicon M221 PLCs and SoMachine Basic Use of Hard-Coded Cryptographic Key (CVE-2017-7574)
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded- key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML...
Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU Use of Hard-Coded Credentials (CVE-2019-14926)
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Hard- coded SSH keys allow an attacker to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on initial installation or with firmware...
Schneider Electric Quantum Ethernet Module Hard-Coded Credentials (CVE-2011-4859)
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2 modules, uses hardcoded passwords for the 1 AUTCSE, 2 AUTCSE, 3 fdrusers, 4...
Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Hard-Coded Cryptographic Key (CVE-2020-6990)
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...
CVE-2022-22722
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to the product they could potentially observe and...
CVE-2022-22722
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to the product they could potentially observe and...
CVE-2022-22722
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to the product they could potentially observe and...
CVE-2022-22722
The CVE-2022-22722 vulnerability affects Schneider Electric Easergy P5 (and related P3 issues) with a root cause of hard-coded credentials that could enable an attacker who gains SSH access to observe and manipulate device-config traffic, potentially leading to information disclosure and control ...
Advantech 信任管理问题漏洞
Advantech, an application of Advantech China, provides intelligent electric bus management systems. A trust management issue vulnerability exists in Advantech ADAM-3600, which stems from a hard-coded private key available in the project folder, and can be exploited by an attacker to achieve Web...
Advantech ADAM-3600
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: ADAM-3600 Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized access to intercept traffic...
Online Course Registration 信任管理问题漏洞
Online Course Registration is a PHP and MySQL based online course registration system from the PHPGurukul Phpgurukul team. A trust management issue vulnerability exists in Online Course Registration, which stems from hard-coded certificates included in the product source code, and can be exploite...
PrinterLogic Web Stack 信任管理问题漏洞
PrinterLogic Web Stack PrinterLogic Printer Installer is a native web application from PrinterLogic, Inc. Enables It departments to manage and automate the creation/dissemination of Printer Objects and Printer Drivers across print environments from a single management console. A trust management...
CVE-2022-22560
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline...