3044 matches found
CVE-2023-27098
TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel...
Hardcoded credentials
TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel...
CVE-2023-27098
TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel...
CVE-2023-27098
Summary: CVE-2023-27098 affects the TP-Link Tapo APK up to v2.12.703, where the login panel is protected by hardcoded credentials. This Java/mobile app issue enables unauthorized access to protected login functionality, potentially exposing user data. What’s affected: TP-Link Tapo APK (Android) v...
Hardcoded credentials
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671...
PT-2024-1678 · Tp Link · Tp-Link Tapo Apk
Name of the Vulnerable Software and Affected Versions: TP-Link Tapo APK up to v2.12.703 Description: The issue is related to the use of hardcoded credentials for access to the login panel in the TP-Link Tapo APK. This allows a remote attacker to gain unauthorized access to protected information...
SolarWinds Access Rights Manager Hardcoded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a RabbitMQ instance. The issue results from the use...
Hardcoded credentials
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...
Hardcoded credentials
Phlox com.phlox.simpleserver aka Simple HTTP Server 1.8 and com.phlox.simpleserver.plus aka Simple HTTP Server PLUS 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K encryption key. The threat is from a man-in-the-middle attacker who can intercept and potentially modify data during transmissio...
Hardcoded credentials
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user...
Hardcoded credentials
IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220...
PT-2023-8171 · Oracle +1 · Mysql Server +1
Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. The flaw exists within the configuration of a MySQL instance, resulting from...
Hardcoded credentials
NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key...
PT-2023-7601 · Sonicwall · Sonicwall Wan Acceleration (Wxa) 5000 Virtual Appliance
Name of the Vulnerable Software and Affected Versions: SonicWall WAN Acceleration WXA 5000 Virtual Appliance affected versions not specified Description: The issue is related to the use of hardcoded credentials in the virtual device management service. This could allow a remote attacker to bypass...
Hardcoded credentials
Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server...
Hardcoded credentials
EzViz Studio v2.2.0 is vulnerable to DLL hijacking...
Hardcoded credentials
The password for access to the debugging console of the PoWer Controller chip PWC of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III 3V3 - 2.0 TD...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...