8069 matches found

CNVD
added 2021/06/12 12:00 a.m., 6 views

Unspecified Vulnerability in ZOLL Defibrillator Dashboard

ZOLL Defibrillator Dashboard is an asset management tool from ZOLL USA. It provides at-a-glance readiness checks for the entire defibrillator fleet, including defibrillators on multiple campuses and locations. A security vulnerability exists in all versions of ZOLL Defibrillator Dashboard prior to 2....

5.5 CVSS, 6.9 AI score, 0.00152 EPSS
Exploits: 0, References: 1

ThreatPost
added 2021/06/11 9:09 p.m., 208 views

Bugs Lurking in Cisco UC Provisioning Platform

The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments, has three high-severity security vulnerabilities that can be chained together to enable remote code execution (RCE) with elevated privileges, researchers said. They...

10 CVSS, 7.8 AI score, 0.03023 EPSS
Exploits: 3, References: 5

ICS
added 2021/06/10 12:00 a.m., 231 views

ZOLL Defibrillator Dashboard

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: ZOLL Equipment: Defibrillator Dashboard Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Use of Hard-coded Cryptographic Key, Cleartext Storage of Sensitive Information, Cross-site...

8.8 CVSS, 8.3 AI score, 0.01291 EPSS
Exploits: 0, References: 5

OSV
added 2021/06/09 3:15 p.m., 3 views

CVE-2020-15382

Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time...

7.2 CVSS, 7.1 AI score, 0.00863 EPSS
Exploits: 0, References: 1

NVD
added 2021/06/09 3:15 p.m., 13 views

CVE-2020-15382

Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time...

7.2 CVSS, 0.00863 EPSS
Exploits: 0, References: 1

CVE
added 2021/06/09 2:32 p.m., 57 views

CVE-2020-15382

CVE-2020-15382 affects Brocade SANnav before version 2.1.1, where a hard-coded administrator account with the weak password 'passw0rd' is created if no PostgreSQL password is provided at install time. The remediation is to upgrade to SANnav 2.1.1 or apply the vendor patch per BSA-2021-1484.

7.2 CVSS, 7.1 AI score, 0.00863 EPSS
Exploits: 0, References: 1, Affected Software: 1

CNVD
added 2021/06/08 12:00 a.m., 13 views

Hardcoding vulnerability in iExplorer

The official version of iExplorer is an iTunes fast synchronization management tool for Apple users. iExplorer has a hard-coded vulnerability that can be exploited by attackers to obtain sensitive information...

6.4 AI score
Exploits: 0

CNNVD
added 2021/06/03 12:00 a.m., 4 views

Access Control Error Vulnerability in Multiple Bosch Products

Bosch B426 and others are firmware products from Bosch Germany. An access control error vulnerability exists in multiple Bosch products that stems from the use of hard-coded session tokens in the lgs.cgi module. The vulnerability allows remote attackers to bypass the authentication of the affected Bosch...

8.8 CVSS, 8 AI score, 0.00839 EPSS
Exploits: 0, References: 3

Zero Day Initiative
added 2021/06/03 12:00 a.m., 43 views

Bosch B426 Web Configuration Use of Hard-coded Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Bosch B426. Authentication is not required to exploit this vulnerability. The specific flaw exists within the lgs.cgi module. This issue results from the use of a hard-coded session token. An attacker c...

8.8 CVSS, 2.8 AI score, 0.00839 EPSS
Exploits: 0, References: 1

CNNVD
added 2021/06/01 12:00 a.m., 5 views

Fortinet FortiAuthenticator WEB UI Trust Management Issue Vulnerability

The Fortinet FortiAuthenticator WEB UI is the web interface for a centralized user identity management solution from Fortinet, Inc. A security vulnerability exists in FortiAuthenticator that arises from the use of hard-coded keys to encrypt configuration files, debug logs, and password data. The...

7.5 CVSS, 7.3 AI score, 0.00563 EPSS
Exploits: 0, References: 3

Fortinet
added 2021/06/01 12:00 a.m., 31 views

FortiAuthenticator - Hard-coded cryptographic keys used to encrypt sensitive data

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key...

5 CVSS, 7.2 AI score, 0.00563 EPSS
Exploits: 0, Affected Software: 1

Fortinet
added 2021/06/01 12:00 a.m., 36 views

FortiWLC - Hardcoded root password

A use of hard-coded password vulnerability in FortiWLC may allow a local, authenticated attacker to connect to the managed Access Point Meru AP and FortiAP-U as root using the default hard-coded username and password...

2.2 AI score, 0.00156 EPSS
Exploits: 0

Cvelist
added 2021/05/28 12:46 p.m., 35 views

CVE-2020-1716

A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. Any authenticated attacker can abuse this flaw to brute-force Ceph deployments, and gain administrator access to Ceph clusters via the Ceph...

8.6 AI score, 0.01269 EPSS
Exploits: 1, References: 1

CNVD
added 2021/05/28 12:00 a.m., 11 views

Advantech WISE-PaaS/RMM Trust Management Issue Vulnerability

Advantech WISE-PaaS/RMM is a remote monitoring and management platform for IoT devices from Advantech Taiwan, China. Advantech WISE-PaaS/RMM versions prior to 9.0.1 are vulnerable to a trust management issue that stems from the presence of hard-coded credentials in the dashboard. An unauthenticate...

6.4 CVSS, 4.5 AI score, 0.01242 EPSS
Exploits: 0, Affected Software: 1

NVD
added 2021/05/27 11:15 a.m., 13 views

CVE-2021-32459

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

6.5 CVSS, 0.0096 EPSS
Exploits: 0, References: 2

OSV
added 2021/05/27 11:15 a.m., 4 views

CVE-2021-32459

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

6.5 CVSS, 6.9 AI score, 0.0096 EPSS
Exploits: 0, References: 2

Prion
added 2021/05/27 11:15 a.m., 18 views

Hardcoded credentials

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

5.5 CVSS, 6.7 AI score, 0.0096 EPSS
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2021/05/27 10:42 a.m., 21 views

CVE-2021-32459

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

6.9 AI score, 0.0096 EPSS
Exploits: 0, References: 2

CVE
added 2021/05/27 10:42 a.m., 47 views

CVE-2021-32459

CVE-2021-32459: A hard-coded credential exists in Trend Micro Home Network Security’s log collection server. Exploitation requires a specially crafted request to achieve arbitrary authentication, potentially enabling log data manipulation or exfiltration. Affected versions reported include Trend...

6.5 CVSS, 6.7 AI score, 0.0096 EPSS
Exploits: 0, References: 2, Affected Software: 1

CNNVD
added 2021/05/27 12:00 a.m., 5 views

CommScope Ruckus IoT Controller Trust Management Issue Vulnerability

The CommScope Ruckus IoT Controller is an IoT controller from CommScope, Inc. It is a virtual controller that integrates with the SmartZone controller to perform connectivity, device and security management functions for non-Wi-Fi devices. A trust management issue vulnerability exists in the...

10 CVSS, 8.3 AI score, 0.02304 EPSS
Exploits: 4, References: 5