Lucene search
K

1190 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.6 views

CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service DoS for the user if services like fail2ban are used...

9.1CVSS6.9AI score0.00729EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.5 views

CVE-2022-37832

Mutiny 7.2.0-10788 suffers from Hardcoded root password...

9.8CVSS7AI score0.00621EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:39 a.m.7 views

CVE-2022-35491

TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample...

9.8CVSS7.2AI score0.00703EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:40 a.m.9 views

CVE-2022-26119

A improper authentication vulnerability in Fortinet FortiSIEM before 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password...

7.8CVSS6.6AI score0.00195EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/08 12:0 a.m.21 views

CVE-2025-68718

KAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials root:12345678. The administrator cannot disable these services or change the hardcoded password. Changing the management GUI password does not affect SSH/TELNET...

0.00295EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/07 9:53 a.m.16 views

CVE-2013-7382

VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...

5CVSS7.2AI score0.02789EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.5 views

CVE-2019-12920

On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the network can login remotely to the camera and gain root access. The device ships with a hardcoded 12345678 password for the root account, accessible from a TELNET login prompt...

10CVSS7.3AI score0.0228EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/12/26 12:0 a.m.151 views

📄 Backdoor.Win32.ControlTotal.t Hardcoded-Password Backdoor

This tool was design to leverage a hardcoded password backdoor in Backdoor.Win32.ControlTotal.t to simulate communications with the malware. ============================================================================================================================================= | Title :...

7AI score
Exploits0
Cvelist
Cvelist
added 2025/12/09 8:13 a.m.30 views

CVE-2025-41696 Hardcoded User Password

An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device...

4.6CVSS0.00177EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/06 7:54 a.m.15 views

CVE-2025-12676

The KiotViet Sync plugin for WordPress is vulnerable to authorizarion bypass in all versions up to, and including, 1.8.5. This is due to the plugin using a hardcoded password for authentication in the QueryControllerAdmin::authenticated function. This makes it possible for unauthenticated attacke...

5.3CVSS6.5AI score0.00298EPSS
Exploits0References1
NVD
NVD
added 2025/11/05 8:15 a.m.5 views

CVE-2025-12676

The KiotViet Sync plugin for WordPress is vulnerable to authorizarion bypass in all versions up to, and including, 1.8.5. This is due to the plugin using a hardcoded password for authentication in the QueryControllerAdmin::authenticated function. This makes it possible for unauthenticated attacke...

5.3CVSS0.00298EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/05 7:27 a.m.7 views

CVE-2025-12676 KiotViet Sync <= 1.8.5 - Use of Hard-coded Password to Authorization Bypass

The KiotViet Sync plugin for WordPress is vulnerable to authorizarion bypass in all versions up to, and including, 1.8.5. This is due to the plugin using a hardcoded password for authentication in the QueryControllerAdmin::authenticated function. This makes it possible for unauthenticated attacke...

5.3CVSS0.00298EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.9 views

PT-2025-45094

Name of the Vulnerable Software and Affected Versions KiotViet Sync plugin for WordPress versions up to and including 1.8.5 Description The KiotViet Sync plugin for WordPress is susceptible to authorization bypass. This is caused by the use of a hardcoded password for authentication within the...

5.3CVSS6.6AI score0.00298EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-16058

Malware in sbrugna...

9.3CVSS8.2AI score0.015EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-6778

Malware in sbrugna...

8.8CVSS8.8AI score0.02071EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-8246

Malware in sbrugna...

10CVSS9.3AI score0.04674EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-4302

Malware in sbrugna...

1.9CVSS6.4AI score0.0035EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-5768

Malware in sbrugna...

4CVSS6.4AI score0.00985EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-5284

Malware in sbrugna...

7.5CVSS6.4AI score0.02096EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-5536

Malware in sbrugna...

7.5CVSS7.5AI score0.01196EPSS
Exploits0References3
Rows per page
Query Builder