3023 matches found
CVE-2025-25570
Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials...
CVE-2024-50688
SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...
CVE-2024-50688
SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...
CVE-2024-50688
SunGrow iSolarCloud Android app (v2.1.6.20241017 and earlier) uses hardcoded MQTT credentials for device telemetry, with the same credentials in the app and cloud. The vulnerability is described as enabling attackers to gain unauthorized access to user accounts and potentially execute arbitrary c...
CVE-2024-50688
SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...
CVE-2024-50688
SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...
CVE-2024-57790
IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...
CVE-2024-57790
IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...
CVE-2023-26566
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface ARI, which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API...
CVE-2024-36049
Aptos Wisal payroll accounting before 7.1.6 uses hardcoded credentials in the Windows client to fetch the complete list of usernames and passwords from the database server, using an unencrypted connection. This allows attackers in a machine-in-the-middle position read and write access to personal...
PT-2025-6758 · Ixon B.V. · Ixrouter Ix2400
Name of the Vulnerable Software and Affected Versions: IXON B.V. IXrouter IX2400 Industrial Edge Gateway version 3.0 Description: The issue concerns hardcoded root credentials stored in the non-volatile flash memory. This allows physically proximate attackers to gain root access via UART or SSH...
CVE-2024-57790
CVE-2024-57790 affects IXON B.V. IXrouter IX2400 (Industrial Edge Gateway) v3.0. A hardcoded root credential stored in non-volatile flash enables physically proximate attackers to obtain root access via UART or SSH. The vulnerability is categorized with physical attack vector, low authentication,...
CVE-2024-57790
IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...
CVE-2024-46436
Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...
CVE-2024-46429
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...
Billion Electric M100、M150和M120N 信任管理问题漏洞
The Billion Electric M100, among others, is a wireless router from China-based Shengda Electric Billion Electric. The Billion Electric M100, M150, and M120N are vulnerable to a trust management issue vulnerability that stems from embedded Linux credentials that are hardcoded. An attacker could...
CVE-2024-46436
Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...
CVE-2024-46436
Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...
CVE-2024-46429
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...
CVE-2024-46429
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...