CVE-2026-42375 D-Link DIR-600L A1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-600L Hardware Revision A1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir600l" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

EUVD-2026-27027

D-Link DIR-600L Hardware Revision A1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir600l" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

CVE-2026-42374

The CVE affects D-Link DIR-600L Hardware Revision B1 (EOL). A hardcoded telnet backdoor starts a telnet daemon at boot and uses the username "Alphanetworks" with a static password read from /etc/alpha_config/image_sign (wrgn61_dlwbr_dir600L). The custom telnetd accepts -u user:password, and the l...

CVE-2026-42373

D-Link DIR-605L Hardware Revision B2 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76dlwbrdir605L" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

CVE-2026-42372

The CVE pertains to D-Link DIR-605L Hardware Revision A1 (End-of-Life). It describes a hardcoded telnet backdoor: at boot, a telnet daemon starts via /bin/telnetd.sh using the username "Alphanetworks" and a static password read from /etc/alpha_config/image_sign. The custom telnetd accepts a -u us...

CVE-2026-42372 D-Link DIR-605L A1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

PT-2026-36833

Name of the Vulnerable Software and Affected Versions D-Link DIR-605L Hardware Revision A1 Description A hardcoded telnet backdoor exists where the device starts a telnet daemon at boot via the /bin/telnetd.sh script. The system uses a static username "Alphanetworks" and password "wrgn35 dlwbr...

Malicious code in graphicctx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8867133b18f35132bf0096bdbd5d1891e87f8a07bbba09f6dffe21c8b048596e Packages in this campaign are used to exfiltrate data from users installing code from prepared Github repositories. Packages contain code to exfiltrate files...

CVE-2024-22083

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. A hardcoded backdoor session ID exists that can be used for further access to the device, including reconfiguration tasks...

CVE-2024-22083

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. A hardcoded backdoor session ID exists that can be used for further access to the device, including reconfiguration tasks...

CVE-2024-22083

The vulnerability CVE-2024-22083 affects Elspec G5 digital fault recorder versions 1.1.4.15 and earlier. The issue is a hardcoded backdoor session ID that enables unauthorized access to the device, including reconfiguration tasks. Affected components are the system’s session handling/backdoor mec...

PT-2024-19194 · Elspec · Elspec G5 Digital Fault Recorder

Name of the Vulnerable Software and Affected Versions: Elspec G5 digital fault recorder versions 1.1.4.15 and before Description: An issue was discovered in the Elspec G5 digital fault recorder. A hardcoded backdoor session ID exists that can be used for further access to the device, including...

Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Hardcoded Backdoor User and Outdated Software Components product: Nexans FTTO GigaSwitch industrial/office switches HW version 5 vulnerable version: See "Vulnerable /...

Western Digital WDMyCloud 2.30.165 Multiple Vulnerabilities

WDMyCloud versions 2.30.165 and below suffer from file upload, hard coded backdoor, command injection, cross site request forgery, denial of service, and information disclosure vulnerabilities. WDMyCloud = 2.30.165 Multiple Vulnerabilities Released Date: 2018-01-04 Last Modified: 2017-06-11 Compa...

WDMyCloud 2.30.165 - Multiple Vulnerabilities

WDMyCloud 2.30.165 - Multiple Vulnerabilities WDMyCloud Multiple Vulnerabilities Vendor: Western Digital Product: WDMyCloud Version: = 2.30.165 Website: https://www.wdc.com/products/network-attached-storage.html / / / / / / / / / / / / / / / / / / / / / \ / // / // / / / / / / / // / / / /,///...

CVE-2017-12860

The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded...

CVE-2017-12860

The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded...

CVE-2017-12860

The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded...

Arris Modems Hardcoded Backdoor Vulnerability

Arris Modems are modems produced by telecom equipment manufacturer Arris, customized for AT&T home users for on-net access. Arris Modems are vulnerable to a hard-coded backdoor vulnerability, where the modem has SSH enabled by default and allows Internet connectivity, which can be accessed by an...

Arris Modems Hardcoded Backdoor Vulnerability (CNVD-2017-24359)

Arris Modems are modems produced by telecom equipment manufacturer Arris, customized for AT&T home users for on-net access. A hard-coded backdoor vulnerability exists in Arris Modems, which have a built-in web server that allows an attacker to access the back-end administration panel through port...