PT-2024-12945 · Victure · Victure Pc420

Name of the Vulnerable Software and Affected Versions: Victure PC420 version 1.1.39 Description: The issue is related to the use of a weak and partially hardcoded key for data encryption. Recommendations: For Victure PC420 version 1.1.39, at the moment, there is no information about a newer versi...

PT-2024-12944 · Victure · Victure Pc420

Name of the Vulnerable Software and Affected Versions: Victure PC420 version 1.1.39 Description: The issue concerns a hardcoded root password stored in plaintext. Recommendations: For Victure PC420 version 1.1.39, consider changing the hardcoded root password to a unique and secure password as a...

CVE-2023-41610

CVE-2023-41610 affects Victure PC420 firmware 1.1.39, where a hardcoded root password is stored in plaintext. The vulnerability is evidenced in multiple sources (NVD/Red Hat/CNNVD/CVE records) describing the presence of a hardcoded administrator credential. There is no documented fix version with...

D-Link DIR-X4860 操作系统命令注入漏洞

The DIR-X4860 is a wireless router from China's AUO D-Link. AUO DIR-X4860 suffers from an operating system command injection vulnerability that originates from a failure to properly validate user input in the telnet service, which can be exploited by an unauthenticated, remote attacker to log int...

CVE-2024-6656 Hardcoded Credentals in TNB Mobile Solutions' Cockpit Software

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable. This issue affects Cockpit Software: before v2.13...

CVE-2024-6656 Hardcoded Credentals in TNB Mobile Solutions' Cockpit Software

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable. This issue affects Cockpit Software: before v2.13...

CVE-2024-28990 SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability

SolarWinds Access Rights Manager ARM was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative ZDI for its ongoing partnership in coordinating...

CVE-2024-28990 SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability

SolarWinds Access Rights Manager ARM was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative ZDI for its ongoing partnership in coordinating...

CVE-2021-26138

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...

Exploit for Use of Hard-coded Credentials in Solarwinds Web_Help_Desk

Description : The SolarWinds Web Help Desk WHD software is...

Exploit for Use of Hard-coded Credentials in Solarwinds Web_Help_Desk

Description : The SolarWinds Web Help Desk WHD software is...

Backdoor.Win32.Optix.02.b MVID-2024-0690 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/706ddc06ebbdde43e4e97de4d5af3b19.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Optix.02.b Vulnerability: Weak Hardcoded Credentials Description: Optix listens o...

Novell ZENworks Asset Management 7.5 Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell ZENworks Asset Management 7.5 Remote File Access', 'Description' = %q This module exploits a hardcoded user and password for the GetFile...

AVTECH 744 DVR Account Information Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AVTECH 744 DVR Account Information Retrieval', 'Description' = %q This module will extract the account information from the AVTECH 744 DVR device...

PT-2024-26325 · Ibm · Ibm Maas360

Name of the Vulnerable Software and Affected Versions: IBM MaaS360 for Android versions 6.31 through 8.60 Description: The issue concerns hardcoded credentials in IBM MaaS360 for Android that can be obtained by a user with physical access to the device. This allows unauthorized access to the...

SolarWinds Web Help Desk < 12.8.3 HF 2 HardCoded Credentials

The version of SolarWinds Web Help Desk installed on the remote host is prior to 12.8.3 HF2. It is, therefore, affected by a hardcoded credential vulnerability, that, if exploited, would allow an attacker to run commands on the host machine. Note that Nessus has not tested for these issues but ha...

Vulnerabilities fixed in Solarwinds Web Helpdesk

Solarwinds fixed vulnerabilities in Web Helpdesk A malicious party can exploit the vulnerabilities to execute code on the system using Java deserialization. A malicious party can also use hardcoded credentials to gain access to data and functionality. Solarwinds developers have released a hotfix ...

CVE-2024-45165

CVE-2024-45165 affects UCI IDOL 2 (IDOL2) up to version 2.12. The issue is that the client–server encryption uses a static, hardcoded key derived from the string “(c)2007 UCI Software GmbH B.Boll.” This enables an attacker with access to the messages to decrypt and re-encrypt traffic, enabling pa...

CVE-2024-28987

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...

CVE-2024-28987

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...