Unspecified Vulnerability in D-Link DIR-860L (CNVD-2024-35163)

The D-Link DIR-860L is a wireless router from China's AUO D-Link. A security vulnerability exists in the D-Link DIR-860L REVA FIRMWARE PATCH version 1.10.B04, which originates from the Telnet service containing hardcoded credentials, which can be exploited by an attacker to remotely login to the...

PT-2024-28256 · Horizon Business Services Inc. · Caterease

Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 Description: The issue allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in...

CVE-2024-38885

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application...

CVE-2024-38885

CVE-2024-38885 affects Horizon Business Services Inc. Caterease (versions 16.0.1.1663–24.0.1.2405 and possibly later). The root cause is hardcoded SQL user credentials in the client application, enabling a remote attacker to perform unauthorized access using known operating system credentials ove...

CVE-2024-41611

In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands...

CVE-2024-41611

In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands...

CVE-2024-41610

D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands...

GHSA-CP2C-X2PC-FPH7 Apache SeaTunnel Web Authentication vulnerability

Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. This issue affect...

Apache SeaTunnel Web Authentication vulnerability

Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. This issue affect...

CVE-2023-48396

Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. This issue affect...

CVE-2023-48396

Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. This issue affect...

CVE-2023-48396

CVE-2023-48396 concerns an authentication bypass in Apache SeaTunnel (v1.0.0). The underlying issue is a hardcoded JWT secret in the application, enabling an attacker to forge tokens and log in as any user. The secret key can be retrieved from the file path shown in the reports (seatunnel-app/src...

CVE-2023-48396 Apache SeaTunnel Web: Authentication bypass

Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. This issue affect...

CVE-2023-48396 Apache SeaTunnel Web: Authentication bypass

Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. This issue affect...

CVE-2024-41610

D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands...

D-Link DIR-860L 安全漏洞

The D-Link DIR-860L is a wireless router from China's AUO D-Link. A security vulnerability exists in the D-Link DIR-860L REVA FIRMWARE PATCH version 1.10.B04, which originates from the Telnet service containing hardcoded credentials, which can be exploited by an attacker to remotely login to the...

D-Link DIR-820LW 安全漏洞

The D-Link DIR-820LW is a dual-band wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-820LW REVB FIRMWARE PATCH version 2.03.B01TC, which originates from the inclusion of hardcoded credentials in the Telnet service, allowing an attacker to remotely log...

PT-2024-29461 · D Link · D-Link Dir-820L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-820LW REVB FIRMWARE versions prior to 2.03.B01 TC Description: The issue concerns hardcoded credentials in the Telnet service, allowing attackers to log in remotely and execute arbitrary commands. Recommendations: For versions prio...

CVE-2024-41611

In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands...

PT-2024-29462 · D Link · Dir-860L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-860L REVA FIRMWARE versions 1.10 through 1.10.B04 Description: The issue concerns hardcoded credentials in the Telnet service, allowing remote login and execution of arbitrary commands. Recommendations: For versions 1.10 through...