
8069 matches found

Talos
added 2021/07/15 12:0 a.m. | 96 views

D-LINK DIR-3040 Libcli test environment hard-coded password vulnerability

Summary: A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions: D-LINK DIR-3040...

CVSS 10 | AI score 9.7 | EPSS 0.02962
Exploits: 1

Talos
added 2021/07/15 12:0 a.m. | 102 views

D-LINK DIR-3040 Syslog information disclosure vulnerability

Talos Vulnerability Report TALOS-2021-1283: D-LINK DIR-3040 Syslog information disclosure vulnerability. July 15, 2021. CVE Number: CVE-2021-21818. Summary: A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network...

CVSS 7.5 | AI score 7.5 | EPSS 0.01948
Exploits: 2

NVD
added 2021/07/14 2:15 a.m. | 12 views

CVE-2021-20748

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 use a hard-coded API key for an external service. By exploiting this vulnerability, the API key for an external service may be obtained by analyzing data in the app...

CVSS 7.5 | EPSS 0.01037
Exploits: 0 | References: 2

OSV
added 2021/07/14 2:15 a.m. | 3 views

CVE-2021-20748

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 use a hard-coded API key for an external service. By exploiting this vulnerability, the API key for an external service may be obtained by analyzing data in the app...

CVSS 7.5 | AI score 5.8 | EPSS 0.01037
Exploits: 0 | References: 2

Cvelist
added 2021/07/14 1:20 a.m. | 26 views

CVE-2021-20748

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 use a hard-coded API key for an external service. By exploiting this vulnerability, the API key for an external service may be obtained by analyzing data in the app...

AI score 7.3 | EPSS 0.01037
Exploits: 0 | References: 2

CNNVD
added 2021/07/14 12:0 a.m. | 6 views

Retty App trust management issue vulnerability

Retty App is a food app from Retty Japan. Retty App suffers from a trust management issue vulnerability in which the app uses hard-coded API keys for an external service...

CVSS 7.5 | AI score 6 | EPSS 0.01037
Exploits: 0 | References: 5

Japan Vulnerability Notes
added 2021/07/13 5:34 a.m. | 3 views

Multiple vulnerabilities in Retty App

Overview: Retty App provided by Retty Inc. contains multiple vulnerabilities listed below. The app is launched by Custom URL Scheme and a user may be led to access an arbitrary URL (CWE-939) - CVE-2021-20747. The App uses a hard-coded API key for external services (CWE-798) - CVE-2021-20748. Ryo Sato of...

CVSS 7.5 | AI score 6.9 | EPSS 0.01037
Exploits: 0 | References: 8

Japan Vulnerability Notes
added 2021/07/13 12:0 a.m. | 82 views

JVN#26891339: Multiple vulnerabilities in Retty App

Retty App provided by Retty Inc. contains multiple vulnerabilities listed below. The app is launched by Custom URL Scheme and a user may be led to access an arbitrary URL (CWE-939) - CVE-2021-20747

Version | Vector | Score
---|---|---
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | Base Score:...

CVSS 7.5 | AI score 5.7 | EPSS 0.01037
Exploits: 0

CNVD
added 2021/07/09 12:0 a.m. | 7 views

Unspecified Vulnerability in QSAN Storage Manager

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. A security vulnerability exists in QSAN Storage Manager that stems from the use of a hard-coded encryption key, which could be exploited by an attacker to gain access to user credentials and...

CVSS 9.8 | AI score 7 | EPSS 0.0103
Exploits: 0 | References: 1

NVD
added 2021/07/07 3:15 p.m. | 17 views

CVE-2021-33219

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...

CVSS 9.8 | EPSS 0.0215
Exploits: 6 | References: 2

OSV
added 2021/07/07 3:15 p.m. | 5 views

CVE-2021-33218

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access...

CVSS 9.8 | AI score 7.3 | EPSS 0.02304
Exploits: 4 | References: 2

OSV
added 2021/07/07 3:15 p.m. | 1 views

CVE-2021-33219

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...

CVSS 9.8 | AI score 5.8 | EPSS 0.0215
Exploits: 6 | References: 2

OSV
added 2021/07/07 3:15 p.m. | 4 views

CVE-2021-33220

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist...

CVSS 7.8 | AI score 5.8 | EPSS 0.00254
Exploits: 2 | References: 2

Prion
added 2021/07/07 3:15 p.m. | 11 views

Hardcoded credentials

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...

CVSS 7.5 | AI score 9.4 | EPSS 0.0215
Exploits: 6 | References: 2 | Affected Software: 1

Cvelist
added 2021/07/07 2:24 p.m. | 18 views

CVE-2021-33220

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist...

AI score 7.8 | EPSS 0.00254
Exploits: 2 | References: 2

Cvelist
added 2021/07/07 2:23 p.m. | 18 views

CVE-2021-33219

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...

AI score 9.7 | EPSS 0.0215
Exploits: 6 | References: 2

CVE
added 2021/07/07 2:23 p.m. | 93 views

CVE-2021-33219

CVE-2021-33219 affects CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The vulnerability is caused by a hard-coded web application administrator password for the accounts named admin and nplus1user, described as an undocumented administrative-level credential that cannot be changed by the c...

CVSS 9.8 | AI score 9.3 | EPSS 0.0215
Exploits: 6 | References: 2 | Affected Software: 1

OSV
added 2021/07/07 2:15 p.m. | 5 views

CVE-2021-32535

The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote attackers to obtain administrator’s permission and execute arbitrary functions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...

CVSS 9.8 | AI score 6 | EPSS 0.01406
Exploits: 0 | References: 1

OSV
added 2021/07/07 2:15 p.m. | 2 views

CVE-2021-32525

The same hard-coded password in QSAN Storage Manager's firmware allows remote attackers to access the control interface with the administrator’s credential, entering the hard-coded password of the debug mode to execute the restricted system instructions. The referred vulnerability has been...

CVSS 7.2 | AI score 7.1 | EPSS 0.01723
Exploits: 0 | References: 1

OSV
added 2021/07/07 2:15 p.m. | 3 views

CVE-2021-32520

Use of hard-coded cryptographic key vulnerability in QSAN Storage Manager allows attackers to obtain users’ credentials and related permissions. Suggest contacting QSAN and referring to recommendations in QSAN Document...

CVSS 9.8 | AI score 7.3 | EPSS 0.0103
Exploits: 0 | References: 1