CVE-2020-29193

The CVE-2020-29193 entry affects Panasonic Security System WV-S2231L firmware version 4.25, which contains an insecure hard-coded password: lkjhgfdsa. The issue is a credentials-related vulnerability with local access required (CVSS: 3.1, base score 6.8, MEDIUM). No exploit details are provided i...

CVE-2020-29193

Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa which is just the asdf keyboard row in reverse order...

ZTE E8810 Information Disclosure Vulnerability

ZTE E8810 is a smart cloud router from ZTE China. The ZTE E8810 suffers from a hard-coded MQTT service vulnerability that can be exploited by remote attackers to submit a special request for unauthorized access to the MQTT server and obtain sensitive information...

Panasonic Security System Trust Management Issue Vulnerability

The Panasonic WV-S2231L is a webcam from Panasonic Japan. The Panasonic Security System WV-S2231L version 4.25 suffers from a trust management issue vulnerability that stems from having an insecure hard-coded password lkjhgfdsa which is just the asdf keyboard line in reverse order...

CVE-2020-2499

A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later...

CVE-2020-2499

A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later...

CVE-2020-2499 Hard-coded Password Vulnerability in QES

A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later...

CVE-2020-2499

CVE-2020-2499 affects QNAP QES prior to 2.1.1 Build 20200515, due to a hard-coded credential in earlier QES releases. The issue could allow login with the hard-coded password. QNAP fixed the vulnerability in QES 2.1.1 Build 20200515 and later. Based on connected sources (NVD/Nessus plugin and rel...

QNAP QES Trust Management Issues Vulnerabilities

QNAP QES is a desktop operating system from China's QNAP Corporation that is primarily used for managing files. A trust management issue vulnerability exists in versions prior to QES 2.1.1 Build 20200515, which can be exploited by an attacker to log in with a hard-coded password...

Moderate: Red Hat Security Advisory: mariadb-connector-c security, bug fix, and enhancement update

An update for mariadb-connector-c is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2020-29583 Zyxel USG Hard-Coded Admin Creds

Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. Recent...

CVE-2020-6882

ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specifi...

CVE-2020-6882

ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specifi...

Design/Logic Flaw

ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specifi...

CVE-2020-6882

ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specifi...

ZTE E8810/E8820/E8822 series 信息泄露漏洞

ZTE E8810 is a smart cloud router from ZTE China. The ZTE E8810 suffers from a hard-coded MQTT service vulnerability that can be exploited by remote attackers to submit a special request for unauthorized access to the MQTT server and obtain sensitive information...

Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password (cisco-sa-20181003-cpcp-password)

According to its self-reported version number, the remote Cisco Prime Collaboration Provisioning server is prior to 12.1. It is, therefore, affected by a vulnerability in the install function that could allow an unauthenticated, remote attacker to access the administrative web interface using a...

CVE-2020-25620

An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by default for local user accounts named [email protected] and [email protected]. These allow logins to the N-Central Administrative Console NAC and/or the regular web interface...

CVE-2020-25620

An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by default for local user accounts named [email protected] and [email protected]. These allow logins to the N-Central Administrative Console NAC and/or the regular web interface...

CVE-2020-25620

CVE-2020-25620 affects SolarWinds N-Central 12.3.0.670. The issue is due to hard-coded credentials for local accounts [email protected] and [email protected], which allow logins to the NAC and/or the regular web interface. The connected sources confirm the credential issue but do not provide...