7561 matches found

OSSF Malicious Packages
added 2024/06/25 1:24 p.m., 4 views

Malicious code in Be.Vlаanԁeren.Basisregisters.NisCodeServicе.HardCodеd (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits 0
Packet Storm
added 2024/06/25 12:0 a.m., 465 views

Faronics WINSelect Hardcoded Credentials / Bad Permissions / Unhashed Password

SEC Consult Vulnerability Lab Security Advisory. title: Multiple Vulnerabilities allowing complete bypass; product: Faronics WINSelect Standard + Enterprise; vulnerable version: 8.30.xx.903; fixed version: 8.30.xx.903; CVE number:...

7 AI score, 0.00693 EPSS
Exploits 1
NVD
added 2024/06/24 9:15 p.m., 19 views

CVE-2024-38902

H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

9.8 CVSS, 0.00534 EPSS
Exploits 1, References 1
OSV
added 2024/06/24 9:15 p.m., 3 views

CVE-2024-38902

H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

9.8 CVSS, 5.8 AI score, 0.00534 EPSS
Exploits 1, References 1
Cvelist
added 2024/06/24 9:4 a.m., 17 views

CVE-2024-36496 Hardcoded Credentials

The configuration file is encrypted with a static key derived from a static five-character password which allows an attacker to decrypt this file. The application hashes this five-character password with the outdated and broken MD5 algorithm (no salt) and uses the first five bytes as the key for RC...

0.00693 EPSS
Exploits 1, References 3
Vulnrichment
added 2024/06/24 9:4 a.m., 20 views

CVE-2024-36496 Hardcoded Credentials

The configuration file is encrypted with a static key derived from a static five-character password which allows an attacker to decrypt this file. The application hashes this five-character password with the outdated and broken MD5 algorithm (no salt) and uses the first five bytes as the key for RC...

7 AI score, 0.00693 EPSS
Exploits 1, References 3
Cvelist
added 2024/06/24 12:0 a.m., 15 views

CVE-2024-38902

H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

0.00534 EPSS
Exploits 1, References 1
CVE
added 2024/06/24 12:0 a.m., 55 views

CVE-2024-38902

CVE-2024-38902 affects H3C Magic R230, specifically version V100R002. The description across sources confirms a hardcoded password in /etc/shadow that can allow an attacker to log in as root. Public records from NVD/Red Hat/CNVD/CVE entries corroborate the vulnerability details (no exploit specif...

9.8 CVSS, 7.7 AI score, 0.00534 EPSS
Exploits 1, References 1, Affected Software 1
Positive Technologies
added 2024/06/24 12:0 a.m., 4 views

PT-2024-28270 · H3C · H3C Magic R230

Name of the Vulnerable Software and Affected Versions: H3C Magic R230 version V100R002 Description: A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. Recommendations: For H3C Magic R230 version V100R002, consider changing the hardcoded passwor...

9.8 CVSS, 7.4 AI score, 0.00534 EPSS
Exploits 1, References 5
Vulnrichment
added 2024/06/24 12:0 a.m., 9 views

CVE-2024-38902

H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

7.5 AI score, 0.00534 EPSS
Exploits 1, References 1
Zero Day Initiative
added 2024/06/21 12:0 a.m., 23 views

(Pwn2Own) Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BLE AppAuthenRequest command...

6.5 CVSS, 7.2 AI score, 0.00813 EPSS
Exploits 0
Positive Technologies
added 2024/06/21 12:0 a.m., 8 views

PT-2024-20201 · Autel · Autel Maxicharger Ac Elite Business C50

Name of the Vulnerable Software and Affected Versions: Autel MaxiCharger AC Elite Business C50 affected versions not specified Description: This issue allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations...

8.8 CVSS, 7 AI score, 0.00813 EPSS
Exploits 0, References 4
Zero Day Initiative
added 2024/06/18 12:0 a.m., 29 views

PaperCut NG VendorKeys Hardcoded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a VendorKeys object. The issue results from the use of hard-coded...

8.2 CVSS, 7.2 AI score, 0.00445 EPSS
Exploits 0, References 1
OSV
added 2024/06/14 3:15 p.m., 3 views

CVE-2024-37644

TRENDnet TEW-814DAP v1FW1.01B01 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

8.8 CVSS, 5.8 AI score, 0.00472 EPSS
Exploits 1, References 1
NVD
added 2024/06/14 3:15 p.m., 12 views

CVE-2024-37644

TRENDnet TEW-814DAP v1FW1.01B01 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

8.8 CVSS, 0.00472 EPSS
Exploits 1, References 1
NVD
added 2024/06/14 3:15 p.m., 19 views

CVE-2024-34539

Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to successfully log in to the mail or webmail server. These credentials can also be used to log in to the administration panel and to perform privileged actions...

9.4 CVSS, 0.00517 EPSS
Exploits 0, References 1
NVD
added 2024/06/14 4:15 a.m., 19 views

CVE-2024-27168

It appears that some hardcoded keys are used for authentication to internal API. Knowing these private keys may allow attackers to bypass authentication and reach administrative interfaces. As for the affected products/models/versions, see the reference URL...

7.1 CVSS, 0.00286 EPSS
Exploits 1, References 4
NVD
added 2024/06/14 4:15 a.m., 12 views

CVE-2024-27164

Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see the reference URL...

7.1 CVSS, 0.00253 EPSS
Exploits 1, References 4
NVD
added 2024/06/14 4:15 a.m., 16 views

CVE-2024-27160

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for th...

6.2 CVSS, 0.00238 EPSS
Exploits 1, References 4
NVD
added 2024/06/14 4:15 a.m., 17 views

CVE-2024-27161

All the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other vulnerabilities and difficult t...

6.2 CVSS, 0.00156 EPSS
Exploits 1, References 4