iBall iB-WRA150N Hardcoded Vulnerability

The iBall iB-WRA150N is a wireless router product from iBall India. A hardcoded vulnerability exists in the iBall iB-WRA150N version 1.2.6 build 110401 Rel.47776n, which stems from the use of 'admin' for the admin account, 'support' for the support account, and 'user' for the user account,...

Hardcoded credentials

iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account...

Hardcoded credentials

systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protectedhardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks...

Hardcoded credentials

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 contains hard-coded credentials. A remote attacker could exploit this vulnerability to gain access to the system. IBM X-Force ID: 123740...

Hardcoded credentials

A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade to the appropriate...

Hardcoded credentials

MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account...

Hardcoded credentials

In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL...

Hardcoded credentials

In the hardware HEVC decoder, some media files could cause a page fault. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android...

Hardcoded credentials

The Installer in Whale allows DLL hijacking...

ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote SYSTEM Code Execution

Summary ZKBioSecurity3.0 is the ultimate "All in One" web based security platform developed by ZKTeco. It contains four integrated modules: access control, video linkage, elevator control and visitor management. With an optimized system architecture designed for high level biometric identificatio...

Hardcoded credentials

cgi-bin/mft/wirelessmft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware LM.1.6.17.01 uses hard-code...

CVE-2014-8389

cgi-bin/mft/wirelessmft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware LM.1.6.17.01 uses hard-code...

Hardcoded credentials

Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded CMMDwoV value in the LDAP integration feature...

Hardcoded credentials

Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote attacker to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server...

Hardcoded credentials

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDrive mode on Dell Latitude E6410 laptops wi...

Hardcoded credentials

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitud...

Hardcoded credentials

FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increases the possibility that encrypted data may be recovered and results in information exposure...

Cisco Umbrella Virtual Appliance 2.1.0 Hardcoded Credentials Vulnerability

Cisco Umbrella virtual appliance versions 2.1.0 and below contain undocumented hardcoded credentials which could allow an attacker to access the hypervisor console and provide persistent and unrestricted access to the virtual appliance. Cisco Umbrella Virtual Appliance - Hardcoded Credentials...

Hardcoded credentials

The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values CSV file. This can be used by attackers to hide data in the Graphical User Interface GUI view and create arbitrary entries to a certain extent. Special characters such as '"' and ',' a...

ZTE ZXR10 Router < 3.00.40 Multiple Vulnerabilities

ZTE ZXR10 Router devices have a backdoor account with hardcoded credentials. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...