CVE-2022-48113

CVE-2022-48113 affects TOTOLINK N200RE_v5 firmware version V9.3.5u.6139. An unauthenticated attacker can access the telnet service via a crafted POST request and may log in as root using hardcoded credentials. The connected documents confirm the vulnerability details but do not provide a remediat...

CVE-2022-48113

A vulnerability in TOTOLINK N200REv5 firmware V9.3.5u.6139 allows unauthenticated attackers to access the telnet service via a crafted POST request. Attackers are also able to leverage this vulnerability to login as root via hardcoded credentials...

CVE-2023-24022

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...

CVE-2023-24022

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...

Hardcoded credentials

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...

CVE-2023-24022 Hard Coded Credential Crypt Vulnerability

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...

CVE-2023-24022 Hard Coded Credential Crypt Vulnerability

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...

CVE-2023-24022

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware RTS/RTD 3.7.11.3 contain hardcoded credentials stored in the firmware and encrypted by the crypt function, allowing remote attackers to authenticate via SSH. This is documented across multiple sources (NVD/Red Hat/CNNV...

PT-2023-19365 · Baicells · Baicells Nova 233 +2

Name of the Vulnerable Software and Affected Versions: Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 Description: The issue concerns hardcoded credentials in the firmware of the affected devices. These credentials are easily discoverable a...

Hardcoded credentials

The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes...

Hardcoded credentials

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...

Hardcoded credentials

EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented hard-coded privileged user...

Hardcoded credentials

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges...

Hardcoded credentials

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. E-Widgets does widget replacement in HTML attributes, which can lead to XSS, because widget authors often do not expect that their widget is executed in an HTML attribute context...

Hardcoded credentials

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B...

Hardcoded credentials

Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service...

Hardcoded credentials

A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected by this issue is some unknown functionality. The manipulation leads to use of hard-coded password. The patch is identified as 557e177d8a309d6f0f26de46efb38d43e000852d. It is recommended to apply a pat...

CVE-2022-4780

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change...

CVE-2022-4780

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change...

Hardcoded credentials

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change...