CVE-2017-6626

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE 11.51 and 11.61 could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account tha...

CVE-2017-6626

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE 11.51 and 11.61 could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account tha...

CVE-2017-6626

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE 11.51 and 11.61 could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account tha...

Cisco Finesse for Cisco Unified Contact Center Enterprise Information Disclosure Vulnerability

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account that has an...

Man-in-the-Middle (MitM)

github.com/heroku/force is vulnerable to man-in-the-middle attack. The attack is possible because it uses hard-coded root certificates and InsecureSkipVerify function of force.go...

Hyundai Motor America Blue Link Sensitive Information Disclosure Vulnerability

Hyundai Motor America Blue Link is a remote wireless remote control device for use in automobiles. A sensitive information disclosure vulnerability exists in Hyundai Motor America Blue Link versions 3.9.5 and 3.9.4, which stems from the program's use of hard-coded passwords. An attacker could...

CVE-2017-6054

A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user information...

TP-Link TL-SG108E Encryption Issue Vulnerability

The TP-Link TL-SG108E is a Gigabit Ethernet switch. A security vulnerability exists in the TP-Link TL-SG108E version 1.0 using firmware version 1.1.2 Build 20141017 Rel.50749, which stems from the program's use of hard-coded encryption keys. An attacker could exploit the vulnerability to obtain...

CVE-2017-8077

On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key a long string beginning with Ei2HNryt. This affects the 1.1.2 Build 20141017 Rel.50749 firmware...

CVE-2017-8077

On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key a long string beginning with Ei2HNryt. This affects the 1.1.2 Build 20141017 Rel.50749 firmware...

CVE-2017-8077

The CVE-2017-8077 issue affects the TP-Link TL-SG108E (firmware 1.1.2 Build 20141017 Rel.50749, 1.0). A hard-coded ciphering key (starts with Ei2HNryt) in the firmware is cited as the root cause. Red Hat and CNVD entries corroborate a vulnerability due to hard-coded encryption keys, with document...

Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability

Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...

Schneider Electric SoMachine Basic and Schneider Electric Modicon TM221CE16R Security Bypass Vulnerability

Schneider Electric SoMachine Basic and Schneider Electric Modicon TM221CE16R are both products of Schneider Electric France. The former is a programming and debugging interface for all components on the control platform; the latter is a programmable controller. A security vulnerability exists in...

Multiple Marel Products Security Bypass Vulnerabilities

The Marel SensorX25 X-ray Machine and other products from Marel Iceland are used in the medical industry to provide a wide range of medical tests. A security bypass vulnerability exists in a number of Marel products and stems from the program's use of hard-coded certificates. A remote attacker...

Schneider Electric Modicon M221 PLCs and SoMachine Basic (Update A)

CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: Schneider Electric Equipment: Modicon M221 PLCs and SoMachine Basic Vulnerability: Use of Hard-Coded Cryptographic Key, Protection Mechanism Failure UPDATE INFORMATION This updated...

Hardcoded Credentials Vulnerability in Multiple Foscam Devices

Foscam is the world's leading provider of home security IP cameras. A security vulnerability exists in the use of the same hard-coded SSL private key for Foscam networked devices across different customer installations. A remote attacker could utilize another installation with knowledge of this k...

Intellinet NFC-30IR Camera - Multiple Vulnerabilities

Intellinet NFC-30IR Camera - Multiple Vulnerabilities Bitcrack Cyber Security - BitLabs Advisory http://www.bitcrack.net Multiple Vulnerabilities in Intellinet NFC-30IR Network Cameras ADVISORY -------- Title: Local File Inclusion in CGI-SCRIPT & Hard-Coded Manufacturer Backdoor Advisory ID:...

Intellinet NFC-30IR Camera - Multiple Vulnerabilities

Bitcrack Cyber Security - BitLabs Advisory http://www.bitcrack.net Multiple Vulnerabilities in Intellinet NFC-30IR Network Cameras ADVISORY -------- Title: Local File Inclusion in CGI-SCRIPT & Hard-Coded Manufacturer Backdoor Advisory ID: BITL-17-001 Date published: 2017-04-05 Date of last update...

Schneider Modicon M221CE16R Hard-Coded Vulnerability

The Modicon M221CE16R is an all-in-one programmable controller from Schneider Electric Co. The Schneider Modicon M221CE16R is vulnerable to a hard-coded vulnerability where XML files are AES-CBC encrypted, but the key used for encryption is hard-coded and cannot be changed. After decrypting the X...

Marel Food Processing Systems

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Marel Equipment: Food Processing Systems Vulnerabilities: Hard-Coded Passwords, Unrestricted Upload AFFECTED PRODUCTS The following Marel food processing products are affected: M3000 terminal associated with the...