CVE-2024-28809

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credentials...

CVE-2024-28809

The CVE-2024-28809 issue affects Infinera hiT 7300, specifically version 5.60.50. The root cause is cleartext storage of sensitive passwords in firmware update packages, enabling access to various appliance services via hardcoded credentials. The connected Red Hat, NVD, CNNVD, CVE records confirm...

PT-2024-6539 · Infinera · Infinera Hit 7300

Name of the Vulnerable Software and Affected Versions: Infinera hiT 7300 version 5.60.50 Description: An issue was discovered in the Infinera hiT 7300, where a hidden SSH service on the local management network interface has hardcoded credentials. This allows attackers to access the appliance...

CVE-2024-28812

An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service on the local management network interface with hardcoded credentials allows attackers to access the appliance operating system with highest privileges via an SSH connection...

CVE-2024-28812

CVE-2024-28812 affects Infinera hiT 7300 5.60.50, where a hidden SSH service on the local management interface uses hardcoded credentials, allowing an attacker to access the appliance OS with highest privileges via SSH. The condition is confirmed across multiple sources (NVD/Red Hat/CNNVD) with d...

CVE-2024-23958

Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not requir...

CVE-2024-23958

Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not requir...

CVE-2024-23958 Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability

Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not requir...

CVE-2024-46328

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root...

CVE-2024-46328

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root...

CVE-2024-46328

CVE-2024-46328 affects VONETS VAP11G-300 (firmware v3.3.23.6.9). The Red Hat and NVD entries confirm a hardcoded-credentials vulnerability in privileged accounts (including root), enabling potential unauthorized access. The sources do not provide explicit exploit details, affected software versio...

PT-2024-31958 · Vonets · Vonets Vap11G-300

Name of the Vulnerable Software and Affected Versions: VONETS VAP11G-300 version 3.3.23.6.9 Description: The issue concerns hardcoded credentials for several different privileged accounts, including root, in the VONETS VAP11G-300 device. This could potentially allow unauthorized access to the...

CVE-2024-46328

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root...

PT-2024-10438

Name of the Vulnerable Software and Affected Versions Yeti platform affected versions not specified Description The issue is related to the use of hardcoded credentials. An attacker can exploit this to gain elevated privileges by utilizing a static JWT token. Recommendations At the moment, there ...

CVE-2024-6656 Hardcoded Credentals in TNB Mobile Solutions' Cockpit Software

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable. This issue affects Cockpit Software: before v2.13...

CVE-2024-6656 Hardcoded Credentals in TNB Mobile Solutions' Cockpit Software

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable. This issue affects Cockpit Software: before v2.13...

CVE-2024-28990 SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability

SolarWinds Access Rights Manager ARM was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative ZDI for its ongoing partnership in coordinating...

CVE-2024-28990 SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability

SolarWinds Access Rights Manager ARM was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative ZDI for its ongoing partnership in coordinating...

Exploit for Use of Hard-coded Credentials in Solarwinds Web_Help_Desk

Description : The SolarWinds Web Help Desk WHD software is...

Backdoor.Win32.Optix.02.b MVID-2024-0690 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/706ddc06ebbdde43e4e97de4d5af3b19.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Optix.02.b Vulnerability: Weak Hardcoded Credentials Description: Optix listens o...