Lucene search
K

8070 matches found

Prion
Prion
added 2021/12/08 1:15 p.m.16 views

Hardcoded credentials

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

5CVSS7.4AI score0.01042EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/12/08 12:16 p.m.10 views

CVE-2021-26108

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

7.5CVSS6.7AI score0.01042EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/12/08 12:0 a.m.19 views

Fortinet FortiOS 信任管理问题漏洞

Fortinet FortiOS is a security operating system from Fortinet, Inc. that is designed to be used on the FortiGate network security platform. A security vulnerability exists in Fortinet FortiOS, which stems from the use of hard-coded encryption keys that could allow an attacker to retrieve the keys...

7.5CVSS5.7AI score0.01042EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/12/07 12:0 a.m.5 views

PT-2021-22288

Name of the Vulnerable Software and Affected Versions Raspberry Pi OS versions through 5.10 Description The issue concerns a hard-coded password in Raspberry Pi OS. If the default password for the pi account is not changed, attackers can gain administrator privileges. Recommendations For Raspberr...

10CVSS8.2AI score0.15666EPSS
Exploits3References17
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.37 views

Protect

A use of hard-coded cryptographic key vulnerability CWE 321 in FortiOS SSLVPN may allow an attacker to retrieve the key by reverse engineering...

5CVSS7.2AI score0.01042EPSS
Exploits0Affected Software1
NVD
NVD
added 2021/11/26 5:15 p.m.13 views

CVE-2021-26611

HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera.reboot, factory reset, snapshot etc...

9.8CVSS0.01127EPSS
Exploits0References1
OSV
OSV
added 2021/11/26 5:15 p.m.4 views

CVE-2021-26611

HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera.reboot, factory reset, snapshot etc...

9.8CVSS5.8AI score0.01127EPSS
Exploits0References1
CVE
CVE
added 2021/11/26 4:31 p.m.48 views

CVE-2021-26611

CVE-2021-26611 affects the HejHome GKW-IC052 IP Camera, where hard-coded credentials enable remote attackers to operate the device (reboot, factory reset, snapshot, etc.). The available sources consistently describe this as a hard-coded credentials vulnerability impacting the IP camera, treated a...

9.8CVSS8.9AI score0.01127EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/26 4:31 p.m.17 views

CVE-2021-26611 HejHome IP Camera use of hard-coded credentials vulnerability

HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera.reboot, factory reset, snapshot etc...

8.1CVSS9.6AI score0.01127EPSS
Exploits0References1
OSV
OSV
added 2021/11/23 8:15 p.m.3 views

CVE-2021-36312

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system...

9.1CVSS5.8AI score0.01036EPSS
Exploits0References1
NVD
NVD
added 2021/11/23 8:15 p.m.11 views

CVE-2021-36312

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system...

9.1CVSS0.01036EPSS
Exploits0References1
CVE
CVE
added 2021/11/23 8:0 p.m.48 views

CVE-2021-36312

CVE-2021-36312 concerns Dell EMC CloudLink, affecting 7.1 and earlier. A hard-coded password vulnerability exists in CloudLink that could allow a remote, high-privileged attacker to gain unauthorized access to affected systems. The issue is documented across multiple sources (NVD entry and CNVD/C...

9.1CVSS8.9AI score0.01036EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/23 8:0 p.m.10 views

CVE-2021-36312

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system...

9.1CVSS9.2AI score0.01036EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/23 12:0 a.m.2 views

Dell EMC CloudLink 安全漏洞

Dell EMC CloudLink is a flexible data encryption and key management solution for data encryption in public, private, and hybrid cloud environments.A hard-coded password vulnerability exists in Dell EMC CloudLink 7.1 and earlier versions. An attacker could exploit this vulnerability to gain...

9.1CVSS5.6AI score0.01036EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.10 views

The vulnerability of the microprogrammed logic controller ioLogik’s software, related to hard-coding passwords, allows a intruder to escalate their privileges and execute arbitrary code.

The vulnerability of the microprogrammed logic controller ioLogik software relates to the rigid encoding of passwords. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code remotely...

10CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.3 views

The vulnerability of the serial interface converter NPort IAW5250A-6I/O lies in the use of a hard-coded cryptographic key, which allows a hacker to modify the device’s firmware.

The vulnerability of the NPort IAW5250A-6I/O serial interface converter is related to the use of a rigidly encoded cryptographic key. Exploiting this vulnerability could allow an attacker to modify the device’s firmware remotely...

9.4CVSS5.5AI score
Exploits0References1Affected Software1
ICS
ICS
added 2021/11/18 12:0 a.m.36 views

Philips IntelliBridge EC 40 and EC 80 Hub

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Low attack complexity Vendor: Philips Equipment: IntelliBridge EC 40 and EC 80 Hub Vulnerabilities: Use of Hard-coded Credentials, Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of these...

8.8CVSS9.2AI score0.00453EPSS
Exploits0References5
OSV
OSV
added 2021/11/10 4:15 p.m.3 views

CVE-2021-40519

Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials...

10CVSS5.8AI score0.01105EPSS
Exploits1References2
CVE
CVE
added 2021/11/10 3:57 p.m.50 views

CVE-2021-40519

Airangel HSMX Gateway devices prior to version 5.2.04 have hard-coded PostgreSQL database credentials embedded in the configuration file, according to multiple sources. This root cause allows an attacker to connect to the HSMX database over the network, potentially enabling unauthorized access to...

10CVSS9.5AI score0.01105EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/11/10 3:57 p.m.14 views

CVE-2021-40519

Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials...

9.7AI score0.01105EPSS
Exploits1References2
Rows per page
Query Builder