Cobham Sailor satellite terminals contain hardcoded credentials

Overview Cobham Sailor 900 and 6000 series satellite terminals contain hardcoded credentials. Description CWE-798: Use of Hard-coded Credentials IOActive reports that Cobham Sailor 900 and 6000 series satellite communication terminals running firmware version: 1.08 MFHF / 2.11 VHF contain hardcod...

Iridium Pilot and OpenPort contain multiple vulnerabilities

Overview Broadband satellite terminals using Iridium Pilot and OpenPort have been found to contain undocumented hardcoded login credentials CWE-798. Additionally, these broadband satellite terminals utilize an insecure proprietary communications protocol that allows unauthenticated users to perfo...

Hardcoded credentials

The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key during...

Datum Systems satellite modem devices contain multiple vulnerabilities

Overview Datum Systems PSM-4500 and PSM-500 series satellite modem devices contain multiple vulnerabilities Description CWE-220:Sensitive Data Under FTP Root - CVE-2014-2950The Datum Systems SnIP operating system on PSM-4500 and PSM-500 satellite modem devices has FTP enabled by default with no...

Hardcoded credentials

lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine CFME before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack...

Hardcoded credentials

Cisco Unified Communications Domain Manager CDM in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the support and root accounts by extracting this key from a binary file found in a different installation o...

Sitecom N300/N600 Devices - Multiple Vulnerabilities

No description provided by source. Multiple vulnerabilities on Sitecom N300/N600 devices ===================================================== ADVISORY INFORMATION Title: Multiple vulnerabilities on Sitecom N300/N600 devices Discovery date: 01/06/2013 Release date: 19/08/2013 Credits: Roberto...

Seagate BlackArmor NAS - Multiple Vulnerabilities

No description provided by source. Exploit Title: Seagate BlackArmor NAS Multiple Vulnerabilities Date: 2/17/14 Exploit Author: Shayan Sadigh twitter.com/r1pplex | [email protected] Vendor Homepage: http://www.seagate.com/external-hard-drives/network-storage/ Version: All BlackArmor NAS...

ZTE ZXV10 W300 Router - Hardcoded Credentials

No description provided by source. Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials Date: 03 Feb 2014 Exploit Author: Cesar Neira Vendor Homepage: http://wwwen.zte.com.cn/ Version: ZTE ZXV10 W300 v2.1 CVE : CVE-2014-0329 Dork Shodan: Basic realm=index.htm References:...

Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities

No description provided by source. Trustwave's SpiderLabs Security Advisory TWSL2014-001: Multiple Vulnerabilities in Franklin Fueling's TS-550 evo Published: 01/03/2014 Version: 1.0 Vendor: Franklin Fueling Systems http://www.franklinfueling.com/ Product: TS-550 evo device Version affected:...

SAP multiple security vulnerabilities

Multiple hardcoded credentials, unauthorized configuration access...

CVE-2014-4012

SAP Open Hub Service has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4005

SAP Brazil add-on has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4009

SAP CCMS Monitoring BC-CCM-MON has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4008

SAP Web Services Tool CA-WUI-WST has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4007

The SAP Upgrade tools for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4006

The SAP Trader's and Scheduler's Workbench TSW for SAP Oil & Gas has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4010

SAP Transaction Data Pool has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4011

SAP Capacity Leveling has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4004

The 1 Structures and 2 Project-Oriented Procurement components in SAP Project System has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...