MAL-2026-1409 Malicious code in darkig (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7589c67c4429eabd010f891cb17f893ee11ec3cb873d4a31095cc3592134f762 Instagram hacking tool that also forces the user to follow hardcoded accounts. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Malicious code in ighack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 889207a729f6b97c385d6c0afe217776d10331cdf7e5dd511f80e0d01e899842 Instagram hacking tool that besides abusing the Instagram API, also automatically uses user's credentials to follow hardcoded accounts. --- Category: MALICIOUS...

EUVD-2012-4622

Malware in sbrugna...

EUVD-2013-6187

Malware in sbrugna...

EUVD-2016-7456

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-34034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default...

CVE-2012-4697

TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session...

CVE-2012-6428

The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. By using the hard-coded passwords, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access...

CVE-2013-6362

Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts...

Milesight IP security cameras trust management issue vulnerability (CNVD-2019-40064)

Milesight IP security cameras are IP camera products from China Pulse Digital Technology Milesight. A security vulnerability exists in Milesight IP security cameras version 2016-11-14 and earlier, which stems from the program comes with 10 privileged accounts with hardcoded credentials in the...

The vulnerability of the microprogramming software for Moxa EDS-G516E and Moxa EDS-510E switches lies in the use of rigidly encoded account data, which allows attackers to escalate their privileges.

The vulnerability of the microprogrammed software of Moxa EDS-G516E and Moxa EDS-510E switches is related to the use of rigidly encoded account data. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2017-18371

The ZyXEL P660HN-T1A v2 TCLinux Fw 7.3.37.6 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username supervisor and password zyad1234. These accounts can b...

Command injection

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a...

CVE-2017-18373

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a...

Backdoors in D-Link’s backyard

"If you want to change the world, start with yourself." In the case of security research this can be rephrased to: "If you want to make the world safer, start with the smart things in your home." Or, to be more specific, start with your router – the core of any home network as well as an...

PT-2018-16: Hardcoded Accounts in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200

The specialists of the Positive Research center have detected a Hardcoded accounts vulnerability in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200. Hardcoded accounts allow attackers to gain access to the FTP server. How to fix Use the vendor's advisory:...

CVE-2016-6535

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session...

Hardcoded credentials

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session...

CVE-2016-6535

CVE-2016-6535 affects AVer Information EH6108H+ hybrid DVR (firmware X9.03.24.00.07l). The vulnerability arises from hard-coded accounts with root privileges, enabling remote attackers to obtain root access via a default TELNET service. CERT/CC notes multiple issues in the device, including authe...

CVE-2016-6535

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session...