CVE-2024-54749

Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: this is disputed by the Supplier because the observation only established that a password is present in a firmware image; however, the device cannot ...

CVE-2024-54750

Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: In Ubiquiti's view there is no vulnerability as the Hardcoded Password should be after setup not before...

CVE-2024-54747

WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54745

WAVLINK WN701AE M01AEV240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54747

WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54745

WAVLINK WN701AE M01AEV240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-10773

The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain full access to the device...

CVE-2024-10773 SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for pass-the-hash attacks

The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain full access to the device...

CVE-2024-10773

The CVE-2024-10773 entry affects SICK InspectorP61x, InspectorP62x and TiM3xx devices. Root cause: pass-the-hash attacks enabled by hardcoded hidden-user credentials, allowing an attacker to log in as hidden levels and gain full device access. Affected versions are InspectorP61x and InspectorP62x...

CVE-2024-54745

WAVLINK WN701AE M01AEV240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54749

Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: this is disputed by the Supplier because the observation only established that a password is present in a firmware image; however, the device cannot ...

CVE-2024-54750

Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: In Ubiquiti's view there is no vulnerability as the Hardcoded Password should be after setup not before...

CVE-2024-54745

WAVLINK WN701AE router (M01AE_V240305) is affected by CVE-2024-54745 due to a hardcoded password in /etc/shadow that allows an attacker to log in as root. The CVE entry indicates a high-severity impact (CVSS v3.1: 9.8, CRITICAL) with Network attack vector, no privileges required, no user interact...

CVE-2024-54747

CVE-2024-54747 affects WAVLINK WN531P3 (firmware version 202383). A hardcoded password vulnerability in /etc/shadow could allow an attacker to log in as root, enabling full control of the device. The consolidated sources confirm root-privilege access via a hardcoded credential, with no publicly d...

CVE-2024-54745

WAVLINK WN701AE M01AEV240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54747

WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-54749

Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: this is disputed by the Supplier because the observation only established that a password is present in a firmware image; however, the device cannot ...

CVE-2024-54750

Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: In Ubiquiti's view there is no vulnerability as the Hardcoded Password should be after setup not before...

PT-2024-16533 · Sick · Sick Tim3Xx +2

Name of the Vulnerable Software and Affected Versions: SICK InspectorP61x versions affected versions not specified SICK InspectorP62x versions affected versions not specified SICK TiM3xx versions affected versions not specified Description: The product is vulnerable to pass-the-hash attacks in...

PT-2024-36411 · Wavlink · Wavlink Wn531P3

Name of the Vulnerable Software and Affected Versions: WAVLINK WN531P3 version 202383 Description: A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. This issue enables unauthorized access to the system with elevated privileges. Recommendations...