PT-2025-37369

Siklu EtherHaul 8010 siklu-uimage-nxp-enc-10 6 2-18707-ea552dc00b devices have a static root password...

CVE-2025-52363

Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file and /etc/passwd-. An attacker with access to the firmware image can extract and attempt to crack the root password hash, potentially obtaining administrative access...

CVE-2022-47036

Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been revealed via a brute force attack on an MD5 hash. It can be used for "debug login" by an admin. NOTE: the vulnerability is not fixed by the 2.1.1 firmware; instead, it is fixed in newer hardware,...

CVE-2014-2264

The OpenVPN module in Synology DiskStation Manager DSM 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session...

CVE-2024-57040

TL-WR845NUNV4200909 and TL-WR845NUNV4190219 was discovered to contain a hardcoded password for the root account which can be obtained by analyzing downloaded firmware or via a brute force attack through physical access to the router...

CVE-2024-57790

IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...

CVE-2023-41610

Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintext...

Tenda i29 安全漏洞

The Tenda i29 is a wireless router from the Chinese company Tenda. A trust management issue vulnerability exists in the Tenda i29 version V1.0.0.5, which originates from a hardcoded password containing root. An attacker can exploit this vulnerability to cause authentication bypass...

PT-2024-21690 · Toshiba · Toshiba Printers

Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns a hardcoded root password shared among all Toshiba printers. There is no information provided about the estimated number of potentially affected devices worldwid...

PT-2024-27697 · Trendnet · Trendnet Tew-814Dap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-814DAP version 1 FW1.01B01 Description: The issue allows attackers to log in as root due to a hardcoded password vulnerability found in /etc/shadow.sample. This enables unauthorized access to the system. Recommendations: For...

CVE-2022-47036

Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been revealed via a brute force attack on an MD5 hash. It can be used for "debug login" by an admin. NOTE: the vulnerability is not fixed by the 2.1.1 firmware; instead, it is fixed in newer hardware,...

CVE-2022-47036

Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been revealed via a brute force attack on an MD5 hash. It can be used for "debug login" by an admin. NOTE: the vulnerability is not fixed by the 2.1.1 firmware; instead, it is fixed in newer hardware,...

PT-2024-11746 · Siklu · Siklu Tg Terragraph

Name of the Vulnerable Software and Affected Versions: Siklu TG Terragraph devices versions prior to 2.1.1 Description: The issue is related to a hardcoded root password in Siklu TG Terragraph devices, which was revealed through a brute force attack on an MD5 hash. This password can be used for...

CVE-2023-49253

Root user password is hardcoded into the device and cannot be changed in the user interface...

CVE-2023-39808

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...

CVE-2023-39808

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...

CVE-2023-39808

CVE-2023-39808 affects N.V.K. INTER iBSG v3.5. The vulnerability stems from a hardcoded root password, enabling an attacker to log in with root privileges over SSH. Public sources corroborate the issue and assign a high severity (CVSSv3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). No exploitatio...

CVE-2022-37832

Mutiny 7.2.0-10788 suffers from Hardcoded root password...

CVE-2022-37832

Mutiny Network Monitoring Appliance (Mutiny) is affected by CVE-2022-37832. A hardcoded root password exists in Mutiny version 7.2.0-10788 (and prior per CNVD entry), enabling potential full system compromise without authentication or user interaction. The NVD/CVSS data assigns a 3.1 base score o...

CVE-2022-40111

In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware...