CVE-2024-42638

H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-42637

H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-42638

H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

PT-2024-30089 · H3C · H3C Gr-1100-P

Name of the Vulnerable Software and Affected Versions: H3C GR1100-P version v100R009 Description: The issue is related to a hardcoded password in /etc/shadow, which allows attackers to log in as root. This enables unauthorized access to the system. Recommendations: For H3C GR1100-P version...

CVE-2024-42638

CVE-2024-42638 affects H3C Magic B1ST v100R012. The vulnerability is a hardcoded password in the system file /etc/shadow that permits authentication as root, enabling full administrative access. Public metric data from NVD indicates a CRITICAL (9.8) base score with NETWORK attack vector, no privi...

PT-2024-30087 · H3C · H3C R3010

Name of the Vulnerable Software and Affected Versions: H3C R3010 version v100R002L02 Description: A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. This issue affects the H3C R3010 device, potentially allowing unauthorized access...

CVE-2024-42637

H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-31798

Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices...

CVE-2023-20512

A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage...

CVE-2023-20512

CVE-2023-20512 describes a hardcoded AES key in PMFW that could allow a privileged attacker to access the key and potentially leak internal debug information. Multiple connected sources corroborate PMFW as the affected component and the root cause as a hardcoded key, leading to unauthorized acces...

PT-2024-11949 · Pmfw · Pmfw

Name of the Vulnerable Software and Affected Versions: PMFW affected versions not specified Description: A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage. Recommendations: At the moment, there is...

D-Link DAP-1360 Rev. F / DAP-2020 Rev. A2 Devices Multiple Vulnerabilities

D-Link DAP-1360 Rev. F and DAP-2020 Rev. A2 devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Thousands of Corporate Secrets Were Left Exposed. This Guy Found Them All

Security researcher Bill Demirkapi found more than 15,000 hardcoded secrets and 66,000 vulnerable websites—all by searching overlooked data sources...

CVE-2024-41616

D-Link DIR-300 REVA FIRMWARE v1.06B05WW contains hardcoded credentials in the Telnet service...

CVE-2024-41616

D-Link DIR-300 REVA FIRMWARE v1.06B05WW contains hardcoded credentials in the Telnet service...

CVE-2024-41616

D-Link DIR-300 REVA FIRMWARE v1.06B05WW contains hardcoded credentials in the Telnet service...

D-Link DIR-300 安全漏洞

The D-Link DIR-300 is a wireless router from China AUO D-Link. A security vulnerability exists in D-Link DIR-300 v1.06B05WWW, which originates from the Telnet service using hardcoded credentials...

CVE-2024-41616

CVE-2024-41616 affects D-Link DIR-300 REVA firmware v1.06B05_WW, where the Telnet service uses hardcoded credentials, enabling potential unauthenticated access if Telnet is exposed. The vulnerability is rooted in the Telnet implementation, with high impact on confidentiality, integrity, and avail...

CVE-2024-38885

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application...

CVE-2024-38885

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application...