
8064 matches found

CNVD
added 2016/09/07 12:0 a.m. | 3 views

Dentsply Sirona CDR DICOM Hardcoded Credentials Security Bypass Vulnerability

Dentsply Sirona CDR DICOM is a software package for managing medical dental records. A security vulnerability exists in Dentsply Sirona CDR DICOM 5 and prior versions, which stems from the program containing hard-coded database credentials. A remote attacker could exploit the vulnerability to gai...

CVSS 10 | AI score 7.1 | EPSS 0.03108
Exploits: 0 | References: 1

CERT
added 2016/09/07 12:0 a.m. | 51 views

DEXIS Imaging Suite 10 contains hard-coded credentials

Overview DEXIS is a dental x-ray imaging software that manages patient records. DEXIS Imaging Suite 10 contains several hard-coded credentials allowing administrative or root access to the patient database. Description CWE-798: Use of Hard-coded Credentials - CVE-2016-6532 DEXIS Imaging Suite 10...

CVSS 10 | AI score 10 | EPSS 0.03266
Exploits: 0 | References: 1

CERT
added 2016/09/06 12:0 a.m. | 28 views

Dentsply Sirona CDR DICOM contains multiple hard-coded credentials

Overview The Dentsply Sirona previously known as Shick Technologies CDR DICOM is software for managing medical dental records. CDR DICOM contains several hard-coded credentials allowing administrative or root access. Description CWE-798: Use of Hard-coded Credentials - CVE-2016-6530 Dentsply...

CVSS 10 | AI score 9.9 | EPSS 0.03108
Exploits: 0 | References: 2

ICS
added 2016/09/04 6:0 a.m. | 48 views

Siemens SICAM PAS Vulnerabilities

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-336-01 Siemens SICAM PAS Vulnerabilities that was published December 1, 2016, on the NCCIC/ICS-CERT web site. Siemens has released an advisory to inform its users on how to mitigate vulnerabilities that affect...

CVSS 9.8 | AI score 9.4 | EPSS 0.03255
Exploits: 0 | References: 10

Packet Storm
added 2016/09/03 12:0 a.m. | 251 views

BSNL Teracom Router Firmware Rewrite / Link Modification

Multiple Vulnerabilities in TERACOM ROUTER Author: Ajay Gowtham aka AJOXR Contact: gowtham.ajay5 at gmail.com Vulnerability Type: Insecure Upload File Permissions Affected Module: Upload Functionality Criticality: Medium Device Model: BSNL Teracom T2-B-Gawv1.4U10Y-BI is WiFi enabled ADSL2+...

CVSS 9.3 | AI score 0.2 | EPSS 0.66674
Exploits: 5

CNVD
added 2016/09/03 12:0 a.m. | 1 views

ZKTeco ZKBioSecurity 3.0 Hardcoded Certificate Remote System Command Execution Vulnerability

ZKBioSecurity is a comprehensive management platform for biometric security. The ZKTeco ZKBioSecurity 3.0 hard-coded credentials remote system command execution vulnerability arises because after credential validation, the application bundles a pre-configured Apache Tomcat server and user login...

AI score 8.2
Exploits: 0 | References: 1

0day.today
added 2016/08/31 12:0 a.m. | 55 views

ZKTeco ZKBioSecurity 3.0 - Hardcoded Credentials Remote SYSTEM Code Execution

Exploit for jsp platform in category web applications ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote SYSTEM Code Execution Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 3.0.1.0R230 Platform:...

AI score 7.1
Exploits: 0

exploitpack
added 2016/08/31 12:0 a.m. | 30 views

ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution

ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote SYSTEM Code Execution Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version:...

AI score 0.3
Exploits: 0

Exploit DB
added 2016/08/31 12:0 a.m. | 44 views

ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution

ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote SYSTEM Code Execution Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 3.0.1.0R230 Platform: 3.0.1.0R230 Personnel: 1.0.1.0R1916 Access: 6.0.1.0R1757...

AI score 7.4
Exploits: 0

CNVD
added 2016/08/19 12:0 a.m. | 2 views

ReadyDesk Security Bypass Vulnerability

ReadyDesk is a Web-based helpdesk software solution from ReadyDesk, Inc. A security bypass vulnerability exists in ReadyDesk version 9.1, which stems from the use of hard-coded encryption for user credentials. An attacker could exploit the vulnerability to obtain a password...

CVSS 7.8 | AI score 6.8 | EPSS 0.00348
Exploits: 0 | References: 1

CNVD
added 2016/08/16 12:0 a.m. | 3 views

ZModo ZP-NE14-S DVR and ZP-IBH-13W Recorder Security Bypass Vulnerability

The ZModo ZP-NE14-S DVR and the ZModo ZP-IBH-13W are both digital video recorders from ZModo China. A security bypass vulnerability exists in the ZModo ZP-NE14-S DVR and ZP-IBH-13W video recorders, which stems from the program's use of hard-coded certificates. A remote attacker could exploit the...

CVSS 10 | AI score 7.2 | EPSS 0.03266
Exploits: 0 | References: 1

CERT
added 2016/08/12 12:0 a.m. | 74 views

Zmodo ZP-NE14-S DVR and ZP-IBH-13W cameras contain hard-coded credentials

Overview The Zmodo ZP-NE14-S DVR and ZP-IBH-13W cameras contain hard-coded credentials and run telnet by default. Description CWE-798: Use of Hard-coded Credentials - CVE-2016-5081 According to the reporter, the Zmodo ZP-NE14-S DVR and ZP-IBH-13W cameras contain undocumented credentials for...

CVSS 10 | AI score 8.4 | EPSS 0.03266
Exploits: 0 | References: 2

Talos
added 2016/08/11 12:0 a.m. | 221 views

AB Rockwell Automation MicroLogix 1400 Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0184 AB Rockwell Automation MicroLogix 1400 Code Execution Vulnerability August 11, 2016 CVE Number CVE-2016-5645 Description An exploitable Use of Hard-coded Credentials Undocumented Community String vulnerability exists in the SNMP functionality of...

CVSS 7.5 | AI score 7.4 | EPSS 0.29398
Exploits: 1

CNVD
added 2016/08/03 12:0 a.m. | 1 views

Crestron Electronics DM-TXRX-100-STR Man-in-the-Middle Attack Vulnerability

The Crestron Electronics DM-TXRX-100-STR is a multimedia streaming codec. The Crestron Electronics DM-TXRX-100-STR 1.3039.00040 uses a hard-coded X.509 certificate from the OpenSSL Test Certification Authority. This allows a man-in-the-middle attacker to spoof a server and obtain sensitive...

CVSS 9.8 | AI score 6.6 | EPSS 0.01624
Exploits: 0 | References: 1

CNVD
added 2016/08/03 12:0 a.m. | 3 views

Crestron Electronics DM-TXRX-100-STR Hardcoded Password Vulnerability

The Crestron Electronics DM-TXRX-100-STR is a multimedia streaming codec. The Crestron Electronics DM-TXRX-100-STR 1.3039.00040 has a hard-coded password for the admin account. This could allow a remote attacker to gain access through the web management interface...

CVSS 10 | AI score 7.3 | EPSS 0.03192
Exploits: 0 | References: 1

CERT
added 2016/08/01 12:0 a.m. | 45 views

Crestron Electronics DM-TXRX-100-STR web interface contains multiple vulnerabilities

Overview Crestron Electronics DM-TXRX-100-STR, version 1.2866.00026 and earlier, has a web management interface which contains multiple vulnerabilities, including authentication bypass, failure to restrict access to authorized users, use of hard-coded certificate, default credentials, and...

CVSS 10 | AI score 10 | EPSS 0.0443
Exploits: 0 | References: 8

exploitpack
added 2016/07/26 12:0 a.m. | 29 views

Iris ID IrisAccess iCAM4000iCAM7000 - Hard-Coded Credentials Remote Shell Access

Iris ID IrisAccess iCAM4000iCAM7000 - Hard-Coded Credentials Remote Shell Access Iris ID IrisAccess iCAM4000/iCAM7000 Hardcoded Credentials Remote Shell Access Vendor: Iris ID, Inc. Product web page: http://www.irisid.com http://www.irisid.com/productssolutions/irisaccesssystem/irisaccess4000/...

AI score 7.5
Exploits: 0

ICS
added 2016/07/22 6:0 a.m. | 55 views

Schneider Electric PowerLogic PM8ECC Hard-coded Password Vulnerability

OVERVIEW Independent researcher He Congwen has identified a hard-coded password vulnerability in Schneider Electric’s PowerLogic PM8ECC device. Schneider Electric has produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following...

CVSS 9.8 | AI score 9.6 | EPSS 0.01944
Exploits: 0 | References: 10

CNVD
added 2016/07/18 12:0 a.m. | 5 views

Unspecified Vulnerability in Schneider Electric Pelco Digital Sentry Video Management System

Schneider Electric Pelco Digital Sentry Video Management System is a video recording system from Schneider Electric France. A security vulnerability exists in the Schneider Electric Pelco Digital Sentry Video Management System using firmware prior to version 7.13, which stems from the program's u...

CVSS 10 | AI score 7.7 | EPSS 0.0579
Exploits: 0 | References: 1

exploitpack
added 2016/07/13 12:0 a.m. | 11 views

GSX Analyzer 10.1211 - main.swf Hard-Coded Superadmin Credentials

GSX Analyzer 10.1211 - main.swf Hard-Coded Superadmin Credentials Exploit Title: GSX Analyzer hardcoded superadmin credentials in Main.swf Google Dork: inurl:"/Main.swf?cachebuster=" need to manually look for stringtitle "Loading GSX Analyzer ... 0%" Date: 12-07-16 Exploit Author: ndevnull Vendor...

AI score 7.4
Exploits: 0