CVE-2022-40111

In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware...

CVE-2022-40111

CVE-2022-40111 affects the TOTOLINK A3002R firmware (TOTOLINK-A3002R-He-V1.1.1-B20200824.0128). The issue is that, in the shadow.sample file, the root user is hardcoded in the firmware, enabling severe unauthorized access potential. The vendor-focused PT-2022-25214 report corroborates the shadow....

TOTOLINK A3002R 信任管理问题漏洞

The TOTOLINK A3002R is a wireless dual-band Gigabit router from China's TOTOLINK Corporation that complies with the latest IEEE802.11ac Wave 2 standard. A security vulnerability exists in the TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 version, which originates from root being...

CVE-2022-36610

TOTOLINK A720R V4.1.5cu.532B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

CVE-2022-36615

TOTOLINK A3000RU V4.1.2cu.5185B20201128 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

CVE-2022-36613

TOTOLINK N600R V4.3.0cu.7647B20210106 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

CVE-2022-36614

TOTOLINK A860R V4.1.2cu.5182B20201027 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

CVE-2022-36611

TOTOLINK A800R V4.1.2cu.5137B20200730 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

CVE-2022-36612

TOTOLINK A950RG V4.1.2cu.5204B20210112 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

CVE-2022-36614

TOTOLINK A860R V4.1.2cu.5182B20201027 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

TOTOLINK A3000RU 信任管理问题漏洞

The TOTOLINK A3000Ru is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK A3000RU version V4.1.2cu.5185B20201128, which originates from the inclusion of a hardcoded root password in /etc/shadow.sample...

CVE-2022-35491

TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample...

Barco wePresent WiPG-1600W Global Hardcoded Root SSH Password Vulnerability

Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19 have a hardcoded root password hash included in the firmware image. Title: Barco wePresent Global Hardcoded Root SSH Password Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-008.txt 1...

CVE-2020-15319

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree...

CVE-2020-15316

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree...

SICUNET Access Controller 0.32-05z Code Execution / File Disclosure Vulnerabilities

Exploit for php platform in category web applications SICUNET Physical Access Controller - Multiple Vulnerabilities ------------------------------------------------------------- Introduction ============ Multiple vulnerabilities were identified in the SICUNET Access Controller Products. The...

SICUNET Access Controller 0.32-05z Code Execution / File Disclosure

SICUNET Physical Access Controller - Multiple Vulnerabilities ------------------------------------------------------------- Introduction ============ Multiple vulnerabilities were identified in the SICUNET Access Controller Products. The vulnerabilities were discovered during a black box security...

CVE-2016-5678

NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors...

Zyxel MAX3XX Series Wimax CPEs Hardcoded Root Password

Vulnerability Title: Hardcoded root password in Zyxel MAX3XX series Wimax CPEs Date: 23/03/2016 Product: Zyxel MAX3XX series CPEs Vendor: www.zyxel.com Affected Firmware: Latest version at the time of disclosure v 2.00 and below tested Patch: Unpatched Vendor contact date: 12/12/2015 Authored by:...

CVE-2015-6481

The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session...