CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Zero Day Initiative•added 2015/09/29 12:0 a.m.•34 views

(0Day) Moxa OnCell Central Manager Server RequestController Static Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa OnCell Central Manager Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RequestController class. The specific flaw exists within the...

7.5CVSS8.9AI score0.01695EPSS

Exploits0References2

CNVD•added 2015/09/23 12:0 a.m.•4 views

GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise Remote Code Execution Vulnerability

GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise are both products of General Electric Company GE, U.S.A. GE Digital Energy MDS PulseNET is a suite of software applications for monitoring and controlling industrial communication network devices. Enterprise is an enterprise version of MD...

9CVSS8.7AI score0.03784EPSS

ICS•added 2015/09/17 6:0 a.m.•70 views

Adcon Telemetry A840 Vulnerabilities

OVERVIEW Independent researcher Aditya K. Sood has identified vulnerabilities in Adcon Telemetry’s A840 Telemetry Gateway Base Station. Adcon Telemetry has stated that the A840 is an obsolete product and is no longer supported. No patches or updates will be created for this product. Adcon Telemet...

10CVSS9AI score0.02521EPSS

Exploits0References10

seebug.org•added 2015/09/17 12:0 a.m.•104 views

TP-Link NC200/NC220 无线网络云摄像头硬编码漏洞

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: NC220 V1 1.0.28 Build 150629 Rel.22346 NC200 V1 2.0.15 Build 150701 Rel.20962 Summary: Designed with simplicity in mind, TP-LINK's...

7AI score

0day.today•added 2015/09/16 12:0 a.m.•48 views

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials Vulnerability

NC220 and NC200 utilizes hard-coded credentials within its Linux distribution image. These sets of credentials root:root are never exposed to the end-user and cannot be changed through any normal operation of the camera. TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials Vendor...

7AI score

CNVD•added 2015/09/16 12:0 a.m.•3 views

Impero Education Pro is vulnerable

Impero Education Pro is an education management solution from Impero, Inc. that integrates classroom management, desktop management, and computer monitoring software into one package. Impero Education Pro versions prior to 5105 have a security vulnerability. Since the program uses hard-coded CBC...

7.8CVSS6.8AI score0.01653EPSS

exploitpack•added 2015/09/15 12:0 a.m.•30 views

TP-Link NC200NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials

TP-Link NC200NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: NC220 V1 1.0.28 Build 150629 Rel.22346 NC200 V1 2.0.15 Buil...

Exploit DB•added 2015/09/15 12:0 a.m.•42 views

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials

Packet Storm•added 2015/09/14 12:0 a.m.•35 views

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials

Zero Science Lab•added 2015/09/14 12:0 a.m.•169 views

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials

Summary Designed with simplicity in mind, TP-LINK's Cloud Cameras are a fast and trouble free way to keep track on what's going on in and around your home. Video monitoring, recording and sharing has never been easier with the use of TP-LINK’s Cloud service. The excitement of possibilities never...

5.8AI score

myhack58•added 2015/09/09 12:0 a.m.•5332 views

Hikvision a network camera to the anonymous user to bypass the login permissions-bug warning-the black bar safety net

Network Camera firmware internal for the convenience of visitors to access, curing an anonymous account, which in most cases is disabled, but can be a base64 hard-coded way to create a cookie to bypass the login permissions review. User: anonymous Password：\1 7 7\1 7 7\1 7 7\1 7 7\1 7 7\1 7 7 !...

CERT•added 2015/09/09 12:0 a.m.•30 views

Impero Education Pro classroom management software vulnerable to remote code execution

Overview Impero Software Education Pro classroom management software is vulnerable to remote code execution via improper encryption and authentication mechanisms. Description CWE-321: Use of Hard-coded Cryptographic KeyCWE-329: Not Using a Random IV with CBC Mode - CVE-2015-5997 According to the...

10CVSS7.8AI score0.02643EPSS

The Hacker News•added 2015/09/07 6:46 a.m.•50 views

Warning! Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers

Several of Seagate's 3rd generation Wireless Hard drives have a secret backdoor for hackers that puts users' data at risk. A Recent study done by the security researchers at Tangible Security firm disclosed an “undocumented Telnet services” with a hard-coded password in Seagate Wireless Hard...

10CVSS9.5AI score0.04154EPSS

Exploits2

CNVD•added 2015/09/02 12:0 a.m.•2 views

Basware Banking Trust Management Vulnerability (CNVD-2015-05813)

Basware Banking Maksuliikenne is a suite of software from the Finnish company Basware that establishes connections with banks to manage their own finances. A security vulnerability exists in Basware Banking version 8.90.07 and earlier, which stems from the use of hard-coded passwords for ANCO...

6.5CVSS7AI score0.01157EPSS

CNVD•added 2015/09/02 12:0 a.m.•3 views

Basware Banking Trust Management Vulnerability (CNVD-2015-05812)

6.5CVSS7AI score0.01139EPSS

CERT•added 2015/09/01 12:0 a.m.•86 views

Seagate and LaCie wireless storage products contain multiple vulnerabilities

Overview Multiple Seagate wireless storage products contain multiple vulnerabilities. Description CWE-798: Use of Hard-coded Credentials - CVE-2015-2874 Some Seagate wireless storage products provide undocumented Telnet services accessible by using the default credentials of 'root' as username an...

10CVSS8.9AI score0.04154EPSS

Exploits3References5

CERT•added 2015/08/31 12:0 a.m.•69 views

Philippine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 contain multiple vulnerabilities

Overview The Phillipine Long Distance Telephone PLDT company provides internet access in the Phillippines. The SpeedSurf 504AN and Kasda KW58293 modems distributed by PLDT contain multiple vulnerabilities. The BaudTec ADSL2+ Router may also be affected. Description PLDT provides SpeedSurf 504AN,...

7.8CVSS6.9AI score0.01553EPSS