CVE-2024-4996 Hardcoded Password in Wapro ERP Desktop

Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP installations. This issue affects Wapro ERP Desktop versions before 8.90....

CVE-2024-4996

CVE-2024-4996 affects Wapro ERP Desktop prior to 8.90.0. Root cause is a hard-coded database administrator password created during installation, allowing an attacker to retrieve embedded sensitive data. Described impact includes high confidentiality/integrity/availability concerns; CVSS scores in...

CVE-2024-54751

COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54751

COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54751

COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54751

Summary of CVE-2024-54751 (COMFAST CF-WR630AX v2.7.0.2): A hardcoded password in /etc/shadow allows attackers to log in as root. Affected product version is CF-WR630AX 2.7.0.2. The provided documents consistently identify the root cause as a hardcoded password stored in /etc/shadow, enabling full...

PT-2024-36415 · Comfast · Comfast Cf-Wr630Ax

Name of the Vulnerable Software and Affected Versions: COMFAST CF-WR630AX version 2.7.0.2 Description: The issue is related to a hardcoded password vulnerability in the /etc/shadow file, which allows attackers to log in as the root user. This vulnerability enables unauthorized access to the syste...

CVE-2024-54749

Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: this is disputed by the Supplier because the observation only established that a password is present in a firmware image; however, the device cannot ...

CVE-2024-54750

Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: In Ubiquiti's view there is no vulnerability as the Hardcoded Password should be after setup not before...

CVE-2024-54747

WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54745

WAVLINK WN701AE M01AEV240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54745

WAVLINK WN701AE M01AEV240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54747

WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54745

WAVLINK WN701AE M01AEV240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54749

Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: this is disputed by the Supplier because the observation only established that a password is present in a firmware image; however, the device cannot ...

CVE-2024-54749

Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: this is disputed by the Supplier because the observation only established that a password is present in a firmware image; however, the device cannot ...

CVE-2024-54750

Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: In Ubiquiti's view there is no vulnerability as the Hardcoded Password should be after setup not before...

CVE-2024-54747

WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54749

CVE-2024-54749 affects Ubiquiti U7-Pro (firmware 7.0.35). A hardcoded password in /etc/shadow could allow root login. The supplier disputes the observation, noting that a password exists in the firmware image but the device requires setting a new password during installation. Public sources concu...

CVE-2024-54750

CVE-2024-54750 affects Ubiquiti U6-LR firmware version 6.6.65, with a reported hardcoded password vulnerability in /etc/shadow that could enable login as root. The description notes that Ubiquiti disputes the vulnerability, claiming the hardcoded password should be post-setup, not pre-existing. T...