7560 matches found
CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability
The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...
CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability
The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...
CVE-2024-28987
SolarWinds Web Help Desk (WHD) is affected by a hardcoded credential vulnerability that allows remote, unauthenticated access to internal functionality and data modification. Affected versions are WHD
GO-2023-2022 Netmaker has Hardcoded DNS Secret Key in github.com/gravitl/netmaker
Netmaker has Hardcoded DNS Secret Key in github.com/gravitl/netmaker...
CVE-2024-28987
The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. Recent assessments: sfewer-r7 at November 22, 2024 4:16pm UTC reported: SolarWinds Web Help Desk is described as an...
PT-2024-31448 · Uci Software Gmbh · Uci Idol 2
Name of the Vulnerable Software and Affected Versions: UCI IDOL 2 versions through 2.12 Description: An issue was discovered in the encryption mechanism used by UCI IDOL 2. Data sent between the client and server is encrypted, but the key is derived from a static string "c2007 UCI Software GmbH...
GO-2023-1283 KubePi allows malicious actor to login with a forged JWT token via Hardcoded Jwtsigkeys in github.com/KubeOperator/kubepi
KubePi allows malicious actor to login with a forged JWT token via Hardcoded Jwtsigkeys in github.com/KubeOperator/kubepi...
CVE-2024-8005 demozx gf_cms JWT Authentication auth.go init hard-coded credentials
A vulnerability was found in demozx gfcms 1.0/1.0.1. It has been classified as critical. This affects the function init of the file internal/logic/auth/auth.go of the component JWT Authentication. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. Th...
Ewon Cosy+ Hardcoded Key
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-032 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-32...
CVE-2024-42639
H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root...
CVE-2024-42639
H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root...
CVE-2024-42637
H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...
CVE-2024-42638
H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...
CVE-2024-42638
H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...
CVE-2024-42639
H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root...
PT-2024-30088 · H3C · H3C Magic B1St
Name of the Vulnerable Software and Affected Versions: H3C Magic B1ST version v100R012 Description: A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. This issue affects the H3C Magic B1ST device, potentially allowing unauthorized access...
CVE-2024-42637
The CVE-2024-42637 entry concerns H3C R3010, version v100R002L02, with a hardcoded password in /etc/shadow that can allow root login. Connected sources (Red Hat and NVD) confirm the same description and add a CVSS 3.1 base score of 9.8 (CRITICAL, NETWORK exploitability, no user interaction). The ...
CVE-2024-42639
H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root...
CVE-2024-42639
The CVE-2024-42639 issue affects H3C GR1100-P v100R009. A hardcoded password in /etc/shadow allows an unauthenticated attacker to log in as root, yielding total compromise of the device. The vulnerability is classified with CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8 (CRITICAL)...
CVE-2024-42637
H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...