Lucene search
K

3044 matches found

CVE
CVE
added 2025/04/08 8:22 a.m.62 views

CVE-2024-41794

The CVE-2024-41794 entry refers to Siemens SENTRON 7KT PAC1260 Data Manager (All versions) with hardcoded credentials enabling remote root access. Affected devices could be accessed unauthenticated remotely if SSH is enabled, potentially allowing full device compromise. The related CVE-2024-41793...

10CVSS7.8AI score0.00591EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.4 views

PT-2025-15392 · Senron · Senron 7Kt Pac1260 Data Manager

Name of the Vulnerable Software and Affected Versions: SENRON 7KT PAC1260 Data Manager affected versions not specified Description: A vulnerability has been identified where affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This...

10CVSS6.7AI score0.00591EPSS
Exploits0References7
NVD
NVD
added 2025/04/07 5:15 p.m.9 views

CVE-2025-3426

We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...

7.2CVSS0.00144EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/07 4:23 p.m.7 views

CVE-2025-3426 Use of default hardcoded credentials

We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...

7.2CVSS7.6AI score0.00144EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/07 4:23 p.m.22 views

CVE-2025-3426 Use of default hardcoded credentials

We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...

7.2CVSS0.00144EPSS
Exploits0References2
CVE
CVE
added 2025/04/07 4:23 p.m.49 views

CVE-2025-3426

The CVE-2025-3426 entry describes lack of reverse engineering protections in Philips IntelliSpace Portal binaries, enabling discovery of hardcoded credentials. Affected products are IntelliSpace Portal 12 and earlier and Advanced Visualization Workspace 15. Technical details from connected source...

7.2CVSS7.6AI score0.00144EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.4 views

PT-2025-15271 · Philips · Advanced Visualization Workspace +1

Name of the Vulnerable Software and Affected Versions: Intellispace Portal versions 12 and prior Advanced Visualization Workspace version 15 Description: The issue is related to the lack of protection mechanisms in the Intellispace Portal binaries, making it possible for attackers to...

7.2CVSS6.6AI score0.00144EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/04/04 12:0 a.m.7 views

Esri Portal for ArcGIS < Security 2025 Update 1 Hardcoded Credentials

The version of Esri Portal for ArcGIS installed is missing Security 2025 Update 1. It is, therefore, affected by a hardcoded credentials vulnerability: - A hardcoded credential vulnerability exists in a specific deployment pattern for Esri Portal for ArcGIS versions 11.4 and below that may allow ...

9.8CVSS5.8AI score0.0054EPSS
Exploits0References2
OSV
OSV
added 2025/03/20 9:15 p.m.5 views

CVE-2025-2538

A hardcoded credential vulnerability exists in a specific deployment pattern for Esri Portal for ArcGIS versions 11.4 and below that may allow a remote unauthenticated attacker to gain administrative access to the system...

9.8CVSS5.8AI score0.0054EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/20 4:12 p.m.11 views

CVE-2025-30137

An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for ports 9091 and 9092. The GNET mobile application contains hardcoded credentials that provide unauthorized access to the dashcam's API endpoints on ports 9091 and 9092. Once the GNET SSID is connected to...

9.8CVSS7.5AI score0.00436EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/20 4:9 p.m.10 views

CVE-2025-30113

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...

9.8CVSS7AI score0.00413EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/20 4:8 p.m.7 views

CVE-2025-30109

In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The mobile application for the dashcam contains hardcoded credentials that allow an attacker on the local Wi-Fi network to access API endpoints and retrieve sensitive device information, including live and...

6.5CVSS7AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/20 4:7 p.m.5 views

CVE-2025-30123

An issue was discovered on ROADCAM X3 devices. The mobile app APK Viidure contains hardcoded FTP credentials for the FTPX user account, enabling attackers to gain unauthorized access and extract sensitive recorded footage from the device...

9.8CVSS7.4AI score0.00413EPSS
Exploits0References1
NVD
NVD
added 2025/03/18 8:15 p.m.9 views

CVE-2025-30137

An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for ports 9091 and 9092. The GNET mobile application contains hardcoded credentials that provide unauthorized access to the dashcam's API endpoints on ports 9091 and 9092. Once the GNET SSID is connected to...

9.8CVSS0.00436EPSS
Exploits0References2
NVD
NVD
added 2025/03/18 3:16 p.m.6 views

CVE-2025-30109

In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The mobile application for the dashcam contains hardcoded credentials that allow an attacker on the local Wi-Fi network to access API endpoints and retrieve sensitive device information, including live and...

6.5CVSS0.00222EPSS
Exploits0References2
NVD
NVD
added 2025/03/18 3:16 p.m.14 views

CVE-2025-30113

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...

9.8CVSS0.00413EPSS
Exploits0References2
CVE
CVE
added 2025/03/18 12:0 a.m.58 views

CVE-2025-30106

The CVE-2025-30106 entry concerns IROAD v9 dashcams that ship with hardcoded default credentials ("qwertyuiop") which cannot be changed by the user. The credential hardening absence enables an attacker within Wi‑Fi range to connect to the device’s network for sniffing. Public sources in the conne...

8.8CVSS6.9AI score0.00261EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/18 12:0 a.m.13 views

CVE-2025-30137

An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for ports 9091 and 9092. The GNET mobile application contains hardcoded credentials that provide unauthorized access to the dashcam's API endpoints on ports 9091 and 9092. Once the GNET SSID is connected to...

0.00436EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/18 12:0 a.m.12 views

CVE-2025-30113

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...

0.00413EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/18 12:0 a.m.10 views

CVE-2025-30123

An issue was discovered on ROADCAM X3 devices. The mobile app APK Viidure contains hardcoded FTP credentials for the FTPX user account, enabling attackers to gain unauthorized access and extract sensitive recorded footage from the device...

0.00413EPSS
Exploits0References2
Rows per page
Query Builder