7554 matches found
CVE-2025-57602
Insufficient hardening of the proxyuser account in the AiKaan IoT management platform, combined with the use of a shared, hardcoded SSH private key, allows remote attackers to authenticate to the cloud controller, gain interactive shell access, and pivot into other connected IoT devices. This can...
PT-2025-38730
Name of the Vulnerable Software and Affected Versions AiKaan Cloud Controller affected versions not specified Description The AiKaan Cloud Controller utilizes a single, hardcoded SSH private key and the username proxyuser for remote terminal access to all managed IoT/edge devices. When an...
CVE-2025-57601
AiKaan Cloud Controller uses a single hardcoded SSH private key and the username proxyuser for remote terminal access to all managed IoT/edge devices. When an administrator initiates "Open Remote Terminal" from the AiKaan dashboard, the controller sends this same static private key to the target...
CVE-2025-57601
Affected software : AiKaan Cloud Controller. Vulnerability : uses a single hardcoded SSH private key and the same proxyuser for remote terminal access to all managed IoT/edge devices; when Open Remote Terminal is invoked, the static key is sent to the target device, enabling reverse SSH tunnels t...
CVE-2025-34198
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951 and Application prior to 20.0.2368 VA and SaaS deployments contain shared, hardcoded SSH host private keys in the appliance image. The same private host keys RSA, ECDSA, and ED25519 are present across...
CVE-2025-52159
Hardcoded credentials in default configuration of PPress 0.0.9...
CVE-2025-54807
The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key can bypass authentication, gaining complete access to the system...
CVE-2025-52159
Hardcoded credentials in default configuration of PPress 0.0.9...
CVE-2025-52159
Hardcoded credentials in default configuration of PPress 0.0.9...
CVE-2025-34197
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 VA and SaaS deployments contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granting that account passwordless root privileges ubuntu...
CVE-2025-34197
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 VA and SaaS deployments contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granting that account passwordless root privileges ubuntu...
CVE-2025-34198
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951 and Application prior to 20.0.2368 VA and SaaS deployments contain shared, hardcoded SSH host private keys in the appliance image. The same private host keys RSA, ECDSA, and ED25519 are present across...
CVE-2025-34198
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951 and Application prior to 20.0.2368 VA and SaaS deployments contain shared, hardcoded SSH host private keys in the appliance image. The same private host keys RSA, ECDSA, and ED25519 are present across...
CVE-2025-34198
CVE-2025-34198 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application where versions before 22.0.951 (Host) and 20.0.2368 (Application) include shared, hardcoded SSH host private keys (RSA, ECDSA, ED25519) embedded in the appliance image. Because the same keys are use...
CVE-2025-34198 Vasion Print (formerly PrinterLogic) Shared / Hardcoded SSH Host Private Keys in Appliance Image
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951 and Application prior to 20.0.2368 VA and SaaS deployments contain shared, hardcoded SSH host private keys in the appliance image. The same private host keys RSA, ECDSA, and ED25519 are present across...
CVE-2025-34198 Vasion Print (formerly PrinterLogic) Shared / Hardcoded SSH Host Private Keys in Appliance Image
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951 and Application prior to 20.0.2368 VA and SaaS deployments contain shared, hardcoded SSH host private keys in the appliance image. The same private host keys RSA, ECDSA, and ED25519 are present across...
CVE-2025-34197 Vasion Print (formerly PrinterLogic) Undocumented Local Account with Hardcoded Password and Passwordless sudo
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 VA and SaaS deployments contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granting that account passwordless root privileges ubuntu...
CVE-2025-34197
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 VA and SaaS deployments contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granting that account passwordless root privileges ubuntu...
CVE-2025-34197 Vasion Print (formerly PrinterLogic) Undocumented Local Account with Hardcoded Password and Passwordless sudo
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 VA and SaaS deployments contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granting that account passwordless root privileges ubuntu...
CVE-2025-34197
CVE-2025-34197 affects Vasion Print Virtual Appliance Host < 22.0.951 and Vasion Print Application