3032 matches found
Hardcoded credentials
D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability...
Hardcoded credentials
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token...
Hardcoded credentials
An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002...
Hardcoded credentials
Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a JAR archive...
Hardcoded credentials
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05TESCO, TESCO DCS-2102 1.05TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06FR, DCS-2121 1.06...
Hardcoded credentials
The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOADAPIKEY and FILEDOWNLOADAPIKEY...
Hardcoded credentials
Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account...
Hardcoded credentials
In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Central Station CSCS Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execut...
Hardcoded credentials
A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials...
Hardcoded credentials
The bt/btcore system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series...
Hardcoded credentials
CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the binary...
Hardcoded credentials
The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the attacker to learn the location of a target, or gain...
Fortinet FortiSIEM CVE-2019-16153 Hardcoded Credentials Vulnerability
Description Fortinet FortiSIEM is prone to a hard-coded credentials vulnerability. An attacker can exploit this issue to gain unauthorized access to the vulnerable device and perform unauthorized actions. Versions prior to Fortinet FortiSIEM 5.2.6 are vulnerable. Technologies Affected Fortinet...
CVE-2019-14919
An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device...
CVE-2019-14919
An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device...
Hardcoded credentials
An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device...
CVE-2019-14919
The CVE concerns the Billion Smart Energy Router SG600R2 (firmware v3.02.rc6). An exposed Telnet service allows a local attacker to authenticate using hardcoded credentials, gaining root execution privileges on the device. This directly enables privileged control from the local network. The avail...
CVE-2019-14919
An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device...
Hardcoded credentials
Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML...
CVE-2013-3620
Hardcoded WSMan credentials in Intelligent Platform Management Interface IPMI with firmware for Supermicro X9 generation motherboards before 3.15 SMTX9315 and firmware for Supermicro X8 generation motherboards before SMT X8 312...