CVE-2024-54745

WAVLINK WN701AE router (M01AE_V240305) is affected by CVE-2024-54745 due to a hardcoded password in /etc/shadow that allows an attacker to log in as root. The CVE entry indicates a high-severity impact (CVSS v3.1: 9.8, CRITICAL) with Network attack vector, no privileges required, no user interact...

CVE-2024-54745

WAVLINK WN701AE M01AEV240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54749

Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: this is disputed by the Supplier because the observation only established that a password is present in a firmware image; however, the device cannot ...

PT-2024-36412 · Ubiquiti · Ubiquiti U7-Pro

Name of the Vulnerable Software and Affected Versions: Ubiquiti U7-Pro version 7.0.35 Description: A hardcoded password vulnerability was discovered in /etc/shadow, which allows attackers to log in as root. However, the supplier disputes this claim, stating that the device cannot be deployed...

PT-2024-36411 · Wavlink · Wavlink Wn531P3

Name of the Vulnerable Software and Affected Versions: WAVLINK WN531P3 version 202383 Description: A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. This issue enables unauthorized access to the system with elevated privileges. Recommendations...

CVE-2024-54750

Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: In Ubiquiti's view there is no vulnerability as the Hardcoded Password should be after setup not before...

CVE-2024-54747

WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2023-51638

Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a...

CVE-2023-51638

Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a...

CVE-2024-52789

Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2024-52788

Tenda W9 v1.0.0.74456 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2024-52789

Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2024-52788

Tenda W9 v1.0.0.74456 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2024-52788

Tenda W9 v1.0.0.74456 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2024-52788

Tenda W9 v1.0.0.74456 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2024-52789

Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

PT-2024-35441 · Tenda · Tenda W9

Name of the Vulnerable Software and Affected Versions: Tenda W9 version 1.0.0.74456 Description: The issue is related to a hardcoded password in the /etc ro/shadow file, which allows attackers to log in as root. Recommendations: For Tenda W9 version 1.0.0.74456, consider changing the hardcoded...

CVE-2024-52789

Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2024-52788

CVE-2024-52788 affects Tenda W9 (version 1.0.0.7(4456)). A hardcoded password in /etc_ro/shadow allows an attacker to log in as root. The entry is supported by multiple sources and has a CVSS v3.1 base score of 8.0 (HIGH) with adjacent access, low attack complexity, privileges required: low, and ...

CVE-2024-50593 Hardcoded Service Password

An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, which is shipped with the software...