3022 matches found
ZTE ZXV10 W300 Router - Hard-Coded Credentials
Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials Date: 03 Feb 2014 Exploit Author: Cesar Neira Vendor Homepage: http://wwwen.zte.com.cn/ Version: ZTE ZXV10 W300 v2.1 CVE : CVE-2014-0329 Dork Shodan: Basic realm="index.htm" References:...
ZTE ZXV10 W300 Hardcoded Credentials
Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials Date: 03 Feb 2014 Exploit Author: Cesar Neira Vendor Homepage: http://wwwen.zte.com.cn/ Version: ZTE ZXV10 W300 v2.1 CVE : CVE-2014-0329 Dork Shodan: Basic realm="index.htm" References:...
ZTE ZXV10 W300 router hard-coded credentials vulnerability-vulnerability warning-the black bar safety net
ZTE ZXV10 W300 routing 2.1.0 version and possibly previous versions,contains hardcoded credentials. CWE-7 9 8 Use the username admin password XXXXairocon where XXXX refers to the device MAC address after the fourth bit can successful connection open the Telnet service, the ZXV10 W300 router...
CVE-2013-6034
The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for attackers to obtain unspecified login acce...
Hardcoded credentials
The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for attackers to obtain unspecified login acce...
CVE-2013-6034
CVE-2013-6034 involves firmware in multiple satellite terminals (Harris BGAN RF-7800B-VU204/DU204; Hughes NOC 9201/9450/9502; Thuraya IP; Inmarsat; Japan Radio JUE-250/JUE-500) with hardcoded login credentials (CWE-798) and an insecure proprietary protocol exposed on TCP port 1827. The CERT/CC no...
CVE-2013-6034
The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for attackers to obtain unspecified login acce...
ZTE ZXV10 W300 router contains hardcoded credentials
Overview ZTE ZXV10 W300 router version 2.1.0, and possibly earlier versions, contains hardcoded credentials. CWE-798 Description ZTE ZXV10 W300 router contains hardcoded credentials that are useable for the telnet service on the device. The username is "admin" and the password is "XXXXairocon"...
Hughes Network Systems Broadband Global Area Network (BGAN) satellite terminal firmware contains multiple vulnerabilities
Overview Firmware developed by Hughes Network Systems used in a number of BGAN satellite terminals contains undocumented hardcoded login credentials CWE-798. Additionally, the firmware contains an insecure proprietary communications protocol, likely a debugging service, that allows unauthenticate...
Hardcoded credentials
Multiple unspecified vulnerabilities in the MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls allow remote attackers to execute arbitrary code via a crafted HTML document...
Stem Innovation IZON Hardcoded Password Vulnerability
Stem Innovation's IZON IP camera has hard-coded passwords that can be leveraged via both telnetd and httpd. Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - email protected I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’...
Stem Innovation IZON Hardcoded Password
Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’ utilizes numerous hard-coded credentials within its Linux distribution and also the hidden web...
Hardcoded credentials
Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a...
Hardcoded credentials
D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remot...
Belkin NetCam Wifi Camera Hardcoded Credentials
Product: Product NetCam WiFi Camera With Night Vision, purchased August 2013 Summary: Live video stream is accessible with user/password of admin/admin. The user/password combination admin/admin cannot be changed by the user. This "feature" is undocumented. To reproduce: 1. Connect webcam to...
IZON IP Cameras Hardcoded Credentials (Telnet)
The remote IZON IP camera is using known hardcoded credentials. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Stem Innovation IZON IP cameras backdoor
Hardcoded credentials...
Stem Innovation ‘IZON’ Hard-coded Credentials (CVE-2013-6236)
Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’ utilizes numerous hard-coded credentials within its Linux distribution and also the hidden web...
Hardcoded credentials
The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct...
Hardcoded credentials
The RPM GPG key import and handling feature in libzypp 12.15.0 and earlier reports a different key fingerprint than the one used to sign a repository when multiple key blobs are used, which might allow remote attackers to trick users into believing that the repository was signed by a...