
8064 matches found

Cvelist
added 2018/05/03 6:0 p.m. | 24 views

CVE-2018-10167

The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. A low-privilege user could decrypt and modify the backup file in...

AI score 7.6 | EPSS 0.01206
Exploits: 3 | References: 2

CVE
added 2018/05/03 6:0 p.m. | 49 views

CVE-2018-10167

TP-Link EAP Controller and Omada Controller (Windows) versions 2.5.4_Windows and 2.6.0_Windows are affected by CVE-2018-10167 due to a hard-coded cryptographic key used to encrypt the web app backup file. A low-privilege user can decrypt and modify the backup to escalate privileges, including cre...

CVSS 7.5 | AI score 7.5 | EPSS 0.01206
Exploits: 3 | References: 2 | Affected Software: 1

0day.today
added 2018/05/03 12:0 a.m. | 61 views

Watchguard Hard-Coded Credentials / Failed Controls Vulnerability

WatchGuard Access Points running firmware before version 1.2.9.15 suffer from hard-coded credential, hidden authentication, file upload, and incorrect validation vulnerabilities. Introduction ============ Multiple vulnerabilities can be chained together in a number of WatchGuard AP products which...

AI score 0.1 | EPSS 0.08671
Exploits: 5

Packet Storm
added 2018/05/03 12:0 a.m. | 61 views

Watchguard Hard-Coded Credentials / Failed Controls

Introduction ============ Multiple vulnerabilities can be chained together in a number of WatchGuard AP products which result in pre-authenticated remote code execution. The vendor has produced a knowledge-base article [1] and announcement [2] regarding these issues. ZX Security would like to commend t...

AI score 8.5 | EPSS 0.08671
Exploits: 5

ICS
added 2018/05/03 12:0 a.m. | 69 views

Philips Brilliance Computed Tomography (CT) System (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low skill level to exploit Vendor: Philips --------- Begin Update A Part 1 of 3 ---------- Equipment: Brilliance CT Scanners and MX8000 Dual EXP --------- End Update A Part 1 of 3 ---------- Vulnerabilities: Execution with Unnecessary Privileges,...

CVSS 8.8 | AI score 8.9 | EPSS 0.00411
Exploits: 0 | References: 5

Prion
added 2018/05/01 6:29 p.m. | 8 views

Hardcoded credentials

Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI prior to having it transferred to removable media. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N...

CVSS 2.1 | AI score 4.7 | EPSS 0.00398
Exploits: 0 | References: 2

NVD
added 2018/05/01 6:29 p.m. | 19 views

CVE-2017-14014

Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI prior to having it transferred to removable media. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N...

CVSS 4.6 | AI score 4.7 | EPSS 0.00398
Exploits: 0 | References: 2

CVE
added 2018/05/01 6:0 p.m. | 44 views

CVE-2017-14014

Summary of CVE-2017-14014 : The Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI before it is transferred to removable media. This creates a vulnerability (CWE-321: Use of Hard-coded Cryptographic Key) with CVSS3 base score 4.6 (vector AV:P/AC:L/PR...

CVSS 4.6 | AI score 4.7 | EPSS 0.00398
Exploits: 0 | References: 2 | Affected Software: 1

ATTACKERKB
added 2018/04/24 3:29 p.m. | 2 views

CVE-2017-9656

The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...

CVSS 9.1 | AI score 5.6 | EPSS 0.02328
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2018/04/24 3:29 p.m. | 1 views

CVE-2017-9656

The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...

CVSS 9.1 | AI score 5.8
Exploits: 0 | References: 3

NVD
added 2018/04/24 3:29 p.m. | 16 views

CVE-2017-9656

The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...

CVSS 9.1 | AI score 9.4 | EPSS 0.02328
Exploits: 0 | References: 3

Cvelist
added 2018/04/24 3:0 p.m. | 21 views

CVE-2017-9656

The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...

AI score 9.4 | EPSS 0.02328
Exploits: 0 | References: 3

CVE
added 2018/04/24 3:0 p.m. | 39 views

CVE-2017-9656

This CVE (CVE-2017-9656) affects Philips DoseWise Portal (DWP) Backend DB credentials in versions 1.1.7.333 and 2.1.1.3069. The root cause is hard-coded credentials in backend system files, granting a database account with privileges that can affect confidentiality, integrity, and availability. E...

CVSS 9.1 | AI score 9.2 | EPSS 0.02328
Exploits: 0 | References: 3 | Affected Software: 1

CNVD
added 2018/04/19 12:0 a.m. | 2 views

Prisma Industriale Checkweigher PrismaWEB Hardcoded Credentials Vulnerability

Prisma Industriale Checkweigher PrismaWEB is a management system for checkweighers from Prisma Italia. A security vulnerability exists in Prisma Industriale Checkweigher PrismaWEB version 1.21. A remote attacker can exploit the vulnerability by reading the file user/scripts/loginpar.js to obtain ...

CVSS 9.8 | AI score 7 | EPSS 0.58528
Exploits: 2 | References: 1

NVD
added 2018/04/18 8:29 p.m. | 19 views

CVE-2018-7241

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules...

CVSS 10 | AI score 9.6 | EPSS 0.02961
Exploits: 0 | References: 3

Cvelist
added 2018/04/18 8:0 p.m. | 24 views

CVE-2018-7241

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules...

AI score 9.6 | EPSS 0.02961
Exploits: 0 | References: 3

CNVD
added 2018/04/12 12:0 a.m. | 1 views

Multiple Vulnerabilities in TVT DVR/NVR/IPC

Shenzhen Tongwei Digital Technology Co., Ltd. (TVT for short) is an international first-class product and system solution provider in the field of video security, integrating R&D, production, sales and service, and providing video security products and solutions with core competitiveness for users in mor...

AI score 7.8
Exploits: 0 | References: 1

exploitpack
added 2018/04/06 12:0 a.m. | 39 views

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard...

CVSS 7.5 | AI score 0.7 | EPSS 0.15255
Exploits: 2

Exploit DB
added 2018/04/06 12:0 a.m. | 63 views

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass

Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard coded cookie. Using any cookie manager extension, an...

CVSS 9.8 | AI score 9.7 | EPSS 0.15255
Exploits: 2

Packet Storm
added 2018/04/04 12:0 a.m. | 136 views

FiberHome VDSL2 Modem HG 150-UB Login Bypass

Exploit Title: FiberHome VDSL2 Modem HG 150-UB Login Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ The vulnerability exists in plain text & hard coded cookie. Using any cookie manager extension, an attacker can bypass login page by setting the...

AI score 7.1
Exploits: 0