3023 matches found
CVE-2025-30137
CVE-2025-30137 affects the G-Net GNET APK 2.6.2. The issue is hardcoded credentials in the APK that grant unauthorized access to dashcam API endpoints on ports 9091 and 9092. Credentials reported: for port 9091, TibetList and 000000 to list settings; for port 9092 (stream), admin + tibet. Setting...
CVE-2025-30109
In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The mobile application for the dashcam contains hardcoded credentials that allow an attacker on the local Wi-Fi network to access API endpoints and retrieve sensitive device information, including live and...
CVE-2025-30137
An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for ports 9091 and 9092. The GNET mobile application contains hardcoded credentials that provide unauthorized access to the dashcam's API endpoints on ports 9091 and 9092. Once the GNET SSID is connected to...
CVE-2025-30109
In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The mobile application for the dashcam contains hardcoded credentials that allow an attacker on the local Wi-Fi network to access API endpoints and retrieve sensitive device information, including live and...
CVE-2025-30123
An issue was discovered on ROADCAM X3 devices. The mobile app APK Viidure contains hardcoded FTP credentials for the FTPX user account, enabling attackers to gain unauthorized access and extract sensitive recorded footage from the device...
GNET G-ONX 安全漏洞
GNET G-ONX is a series of car recorders from GNET. A security vulnerability exists in GNET G-ONX version 2.6.2, which stems from the inclusion of hard-coded credentials in the APK that could lead to unauthorized access...
CVE-2025-30113
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...
CVE-2025-30113
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...
CVE-2025-30106
The CVE-2025-30106 entry concerns IROAD v9 dashcams that ship with hardcoded default credentials ("qwertyuiop") which cannot be changed by the user. The credential hardening absence enables an attacker within Wi‑Fi range to connect to the device’s network for sniffing. Public sources in the conne...
CVE-2025-30106
On IROAD v9 devices, the dashcam has hardcoded default credentials "qwertyuiop" that cannot be changed by the user. This allows an attacker within Wi-Fi range to connect to the device's network to perform sniffing...
CVE-2025-25729
An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 allows attackers to obtain hardcoded cleartext credentials via the update or boot process...
CVE-2025-25570
Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials...
CVE-2024-50688
SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...
CVE-2025-25570
Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials...
CVE-2025-25570
Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials...
CVE-2025-25570
CVE-2025-25570 affects Vue Vben Admin 2.10.1, with a broken authentication flaw caused by hardcoded credentials that allows unauthorized login to the backend. The Nuclei template explicitly documents a default-credentials scenario and the Red Hat/NVD entries reiterate unauthorized backend access ...
PT-2025-9029
Name of the Vulnerable Software and Affected Versions Vue Vben Admin version 2.10.1 Description The issue allows unauthorized login to the backend due to an problem with hardcoded credentials. Recommendations For Vue Vben Admin version 2.10.1, update to a version that removes the hardcoded...
CVE-2025-25729
An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 allows attackers to obtain hardcoded cleartext credentials via the update or boot process...
CVE-2025-25729
An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 allows attackers to obtain hardcoded cleartext credentials via the update or boot process...
CVE-2025-25729
CVE-2025-25729 concerns a data disclosure in Bosscomm IF740 firmware (versions 11001.7078 & v11001.0000) and System versions 6.25 & 6.00. The root cause is information exposed via the update or boot process, enabling an attacker to obtain hardcoded cleartext credentials. The CVE entry and related...