Bosch FSM-2500 server and Bosch FSM-5000 server hard-coded vulnerability

Bosch FSM-2500 and Bosch FSM-5000 are both panel-ready fire control systems from Bosch of Germany. Bosch FSM-2500 and Bosch FSM-5000 suffer from a hard-coded vulnerability that could be exploited by remote attackers to submit special requests to gain unauthorized access to the database system wit...

PT-2021-9837 · Mofi Network +1 · Mofi4500-4Gxelte +1

Name of the Vulnerable Software and Affected Versions: Mofi Network MOFI4500-4GXeLTE version 4.1.5-std Description: An issue was discovered where the Dropbear SSH daemon has been modified to accept an alternate hard-coded path to a public key that allows root access. This key is stored in a /rom...

CVE-2020-6779

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of...

CVE-2020-6779

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of...

Bosch FSM-2500 server 和 Bosch FSM-5000 server 信任管理问题漏洞

Bosch FSM-2500 and Bosch FSM-5000 are both panel-ready fire control systems from Bosch of Germany. Bosch FSM-2500 and Bosch FSM-5000 suffer from a hard-coded vulnerability that could be exploited by remote attackers to submit special requests to gain unauthorized access to the database system wit...

CVE-2020-6779 Hard-coded Credentials in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of...

CVE-2020-6779

CVE-2020-6779 affects Bosch FSM-2500 and FSM-5000 servers (up to v5.2). The root cause is hard-coded credentials in the database, enabling an unauthenticated remote attacker to log in with admin privileges. Impact stated: complete compromise of confidentiality and integrity of stored data and hig...

Selea Targa IP OCR-ANPR Camera - Developer Backdoor Config Overwrite

Exploit Title: Selea Targa IP OCR-ANPR Camera - Developer Backdoor Config Overwrite Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite Vendor: Selea s.r.l. Product web page: https://www.selea.com...

Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite

Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214 BLD20110616374...

Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite

Summary IP camera with optical character recognition OCR software for automatic number plate recognition ANPR also equipped with ADR system that enables it to read the Hazard Identification Number HIN, also known as the Kemler Code and UN number of any vehicle captured in free-flow mode. TARGA is...

CVE-2020-27256

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump allows attackers with physical access to change insulin therapy settings...

CVE-2020-27256

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump allows attackers with physical access to change insulin therapy settings...

CVE-2020-35929

In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker for unauthorized access to remote data...

CVE-2020-35929

In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker for unauthorized access to remote data...

CVE-2020-35929

In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker for unauthorized access to remote data...

CVE-2020-35929

CVE-2020-35929 concerns TinyCheck prior to commits 9fd360d and ea53de8, where the installation script contained hard-coded credentials for the backend. This creates potential for unauthorized access to remote data. The available documents identify the vulnerable component as the tool’s installati...

Kaspersky TinyCheck Trust Management Issues Vulnerability

Kaspersky TinyCheck is a software from the Russian company Kaspersky that captures network communications from smartphones or any device that can be associated with a Wi-Fi access point. TinyCheck before commits 9fd360d and ea53de8 suffers from a security vulnerability that stems from an...

Reolink P2P Cameras

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Reolink Equipment: P2P protocol Vulnerabilities: Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these...

Scalance X Products Hard-Coded Encryption Key Vulnerability

SCALANCE X is a switch for connecting industrial components such as programmable logic controllers plc or human machine interfaces HMIs. The Scalance X Products hard-coded encryption key vulnerability can be exploited by an attacker to handle man-in-the-middle scenarios and decrypt previously...

Scalance X Products hard-coded encryption key vulnerability (CNVD-2021-02592)

SCALANCE X is a switch for connecting industrial components such as programmable logic controllers plc or human machine interfaces HMIs. The Scalance X Products hard-coded encryption key vulnerability can be exploited by an attacker to handle man-in-the-middle scenarios and decrypt previously...