3022 matches found
CVE-2022-50696 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Hardcoded Credentials Authentication Bypass
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cannot be modified through normal device operations. Attackers can leverage these static credentials to gain unauthorized access to the device across Linux and Windows distributions...
CVE-2022-50696 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Hardcoded Credentials Authentication Bypass
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cannot be modified through normal device operations. Attackers can leverage these static credentials to gain unauthorized access to the device across Linux and Windows distributions...
CVE-2022-50696
CVE-2022-50696 affects SOUND4 IMPACT/FIRST/PULSE/ Eco v2.x and earlier. The root cause is hardcoded credentials embedded in the device server binaries, which cannot be modified through normal device operations. This creates a vulnerability where attackers could gain unauthorized access across Lin...
PT-2025-54234
Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below Description The software includes hardcoded credentials within its server binaries, which cannot be altered through standard device procedures. This allows attackers to gain unauthorized...
π Netbus Backdoor 1.7 Remote Code Execution
Netbus Backdoor version 1.7 Metasploit module that leverages an insecure credential storage vulnerability that then performs command injection. ============================================================================================================================================= | Title :...
CVE-2018-25147
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
CVE-2018-25147
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
CVE-2019-25241
FaceSentry Access Control System 6.4.8 contains a critical authentication flaw: hard-coded SSH credentials for the wwwuser and an insecure sudoers configuration allow privilege escalation to root via sudo without authentication. This is documented across multiple sources (EUVD-2025-205313, NVD, C...
CVE-2019-25241 FaceSentry Access Control System 6.4.8 Remote SSH Root Access
FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication...
CVE-2018-25147 Microhard Systems IPn4G 1.1.0 Default Credentials Authentication Bypass
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
CVE-2018-25147 Microhard Systems IPn4G 1.1.0 Default Credentials Authentication Bypass
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
PT-2025-53367
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...
EUVD-2025-204759
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...
CVE-2025-67418
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative...
CVE-2025-65857
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...
CVE-2025-65857
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...
CVE-2025-67418
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative...
CVE-2025-65857
The CVE-2025-65857 affects Xiongmai XM530 IP cameras (firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06). The GetStreamUri ONVIF endpoint exposes RTSP URIs containing hardcoded credentials, enabling direct unauthorized video streaming access. Impact is unauthorized access to live streams; CV...
CVE-2025-65857
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...
PT-2025-52680
Name of the Vulnerable Software and Affected Versions ClipBucket version 5.5.2 Description The software is affected by an improper access control issue stemming from hardcoded default administrative credentials. An unauthenticated remote attacker can leverage these credentials to log in to the...