CVE-2024-46436

CVE-2024-46436 : Affects Tenda W18E device with firmware V16.01.0.8(1625). Public data states hardcoded credentials enable unauthenticated remote attackers to gain root access via the telnet service. This is consistent across multiple sources in the connected set. Root access via telnet constitut...

CVE-2024-46429

A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...

CVE-2024-46436

Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...

CVE-2024-46429

CVE-2024-46429 concerns a hardcoded credentials vulnerability in the Tenda W18E web management portal. Affected component: W18E device web interface (V16.01.0.8(1625)). Root cause: presence of a default guest account with administrative privileges that can be used by unauthenticated remote attack...

CVE-2024-46429

A hardcoded credentials vulnerability in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges...

PT-2025-6094 · Tenda · Tenda W18E

Name of the Vulnerable Software and Affected Versions: Tenda W18E version V16.01.0.81625 Description: The issue concerns hardcoded credentials in the Tenda W18E device, allowing unauthenticated remote attackers to gain root access to the device over the telnet service. This enables attackers to...

CVE-2024-46436

Hardcoded credentials in Tenda W18E V16.01.0.81625 allows unauthenticated remote attackers to gain root access to the device over the telnet service...

CVE-2022-4333

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines...

CVE-2020-6265

SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce Data Hub, versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been configured by the system administrator due to the use of Hardcoded Credentials...

CVE-2024-28751

An high privileged remote attacker can enable telnet access that accepts hardcoded credentials...

CVE-2024-4844

Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator ePO on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...

CVE-2024-50692

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that allow an attacker to send arbitrary commands to an arbitrary inverter. It is also possible to impersonate the broker, because TLS is not used to identify the real MQTT broker. This means that MQTT...

CVE-2024-50692

The CVE-2024-50692 entry concerns SunGrow WiNet-SV200.001.00.P027 and earlier versions that ship with hardcoded MQTT credentials, enabling an attacker to send arbitrary commands to an inverter. TLS is not used to identify the MQTT broker, enabling impersonation and making MQTT communications susc...

CVE-2024-48126

HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to vendor support and service access...

CVE-2024-48126

HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to vendor support and service access...

CVE-2024-48126

HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to vendor support and service access...

PT-2025-2792 · Unknown · Hi-Scan 6040I

Name of the Vulnerable Software and Affected Versions: HI-SCAN 6040i Hitrax HX-03-19-I Description: The issue concerns hardcoded credentials in the system, which could allow unauthorized access to vendor support and service access. Recommendations: For HI-SCAN 6040i Hitrax HX-03-19-I, consider...

CVE-2024-48126

CVE-2024-48126 affects the HI-SCAN 6040i Hitrax HX-03-19-I: hardcoded credentials in the device enable access to vendor support and service functions. The vulnerability is rated CVSS v3.1: 9.8 (CRITICAL) with Network attack vector and no authentication required, causing high confidentiality, inte...

CVE-2024-28146 Hardcoded credentials

The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device...

CVE-2024-28146 Hardcoded credentials

The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device...