CVE-2016-9358

A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520,...

CVE-2017-6022

A hard-coded password issue was discovered in Becton, Dickinson and Company BD PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the...

Hardcoded credentials

A hard-coded password issue was discovered in Becton, Dickinson and Company BD PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the...

CVE-2016-9358

A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520,...

CVE-2017-6022

A hard-coded password issue was discovered in Becton, Dickinson and Company BD PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the...

CVE-2016-9358

A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520,...

CVE-2017-6022

A hard-coded password issue was discovered in Becton, Dickinson and Company BD PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the...

CVE-2017-6022

CVE-2017-6022 affects BD PerformA (v2.0.14.0 and earlier) and KLA Journal Service (v1.0.51 and earlier); hard-coded credentials allow remote access to the BD Kiestra Database, risking confidentiality of PHI/PII. Exploitation is remote-feasible; no public exploits are cited. Remediation: apply upd...

CVE-2016-9358

CVE-2016-9358 is a hard-coded passwords vulnerability affecting Marel Food Processing Systems, notably the M3000 terminal and related components (M3210 terminal, M3000 desktop software, MAC4 controller, SensorX/X-ray and MWS2 devices) across numerous systems (A320, A325, A371, A520 Master/Slave, ...

Schneider Electric U.motion Builder (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: Schneider Electric Equipment: U.motion Builder --------- Begin Update A Part 1 of 5 -------- Vulnerabilities: SQL Injection, Path Traversal, Improper...

Hard-coded credentials vulnerability in Toshiba Lighting & Technology Corporation Home gateway

Overview Home gateway provided by Toshiba Lighting & Technology Corporation contains hard-coded credentials. Yutaka Kokubu of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

Hard-coded credentials vulnerability in Toshiba Home gateway HEM-GW16A firmware

TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A are both home gateway products from Toshiba Japan. A hard-coded credentials vulnerability exists in the TOSHIBA Home Gateway HEM-GW26A using firmware version HEM-GW26A-FW-V1.2.0 and earlier and the TOSHIBA Home Gateway HEM-GW16A...

JVN#85901441: Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway

Home gateway provided by Toshiba Lighting & Technology Corporation contains multiple vulnerabilities listed below. Non-documented developer's screen CWE-912 - CVE-2017-2234 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N| Base Score: 2.4 CVSS v2|...

CVE-2016-8731

Hard-coded FTP credentials r:r are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device...

CVE-2016-8731

CVE-2016-8731 affects Foscam C1 IP Camera firmware 1.9.1.12, where hard-coded FTP credentials (user: r, pass: r) allow remote FTP access to the camera if port 50021 is reachable. Public analysis confirms the vulnerability enables remote login to the camera’s FTP service and mounted SD card, with ...

PT-2017-9770 · Foscam · Foscam C1

Name of the Vulnerable Software and Affected Versions: Foscam C1 version 1.9.1.12 Description: The issue concerns hard-coded FTP credentials, specifically r:r, included in the firmware. This could allow remote access to cameras connected to the internet without port 50021 blocked by an intermedia...

finecmsV5.0.8 \finecms\dayrui\controllers\Api.php getshell

Vulnerability in the C:\phpStudy\WWW\finecms\dayrui\controllers\Api. in php data2 function, approximately in the line 115, the problematic code about 178 rows public function data2 $data = array; // Route authentication if defined'SYSREFERER' && strlenSYSREFERER $http = $SERVER'HTTPREFERER' ?...

Cisco Elastic Services Controller Default Administrator Credentials Vulnerability

Cisco Elastic Services Controller is a cloud and systems management solution. Cisco Elastic Services Controllers has a security vulnerability in the ConfD CLI implementation that stems from the presence of a default, weak, hard-coded password for the admin user on the affected system. A remote...

Schneider Electric U.motion Builder Embedded Session ID Authentication Bypass Vulnerability

U.motion Builder is a builder product from Schneider Electric France. A session ID authentication bypass vulnerability exists in Schneider Electric U.motion Builder Embedded. The application has a hard-coded static session ID.By embedding the session ID in an HTTP cookie, an attacker can bypass t...

Schneider Electric U.motion Builder Hardcoded Remote Code Execution Vulnerability

U.motion Builder is a builder product from Schneider Electric France. A hard-coded remote code execution vulnerability exists in Schneider Electric U.motion Builder. The web service comes with a hidden system account that contains hard-coded passwords. An attacker could exploit the vulnerability ...