Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7562 matches found

NVD
NVDadded 2024/05/14 3:38 p.m.10 views

CVE-2024-34211

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

8.8CVSS7.1AI score0.00547EPSS
Exploits1References1
OSV
OSVadded 2024/05/14 3:25 p.m.1 views

CVE-2024-31810

TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

9.8CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2024/05/14 3:25 p.m.9 views

CVE-2024-31810

TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

9.8CVSS7.2AI score0.00615EPSS
Exploits1References1
CVE
CVEadded 2024/05/14 1:34 p.m.73 views

CVE-2024-33867

Summary: CVE-2024-33867 affects linqi before 1.4.0.1 on Windows due to a hardcoded password salt (root cause). Connected documents confirm the affected product/version and vulnerability description, with a CVSS v3.1 base score of 4.8 (Medium), attack vector LOCAL, privileges required HIGH, and us...

4.8CVSS7AI score0.00217EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2024/05/14 1:34 p.m.25 views

CVE-2024-33867

An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt...

7AI score0.00217EPSS
Exploits0References2
NVD
NVDadded 2024/05/14 12:39 p.m.13 views

CVE-2023-26566

Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface ARI, which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API...

8.6CVSS6.8AI score0.00712EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/05/14 12:0 a.m.5 views

PT-2024-25522 · Linqi · Linqi

Name of the Vulnerable Software and Affected Versions: linqi versions prior to 1.4.0.1 Description: An issue was discovered in linqi where there is a hardcoded password salt. Recommendations: For versions prior to 1.4.0.1, update to version 1.4.0.1 or later to resolve the issue...

4.8CVSS6.5AI score0.00217EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/05/13 7:58 p.m.18 views

CVE-2024-31810

TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

7.6AI score0.00615EPSS
Exploits1References1
CVE
CVEadded 2024/05/13 7:58 p.m.68 views

CVE-2024-31810

The CVE-2024-31810 entry affects TOTOLINK EX200 with version 4.0.3c.7646_B20201211, where a hardcoded root password exists in the file /etc/shadow.sample. This root-credential vulnerability enables high-privilege access and aligns with the documented CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I...

9.8CVSS7.5AI score0.00615EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2024/05/13 7:58 p.m.13 views

CVE-2024-31810

TOTOLINK EX200 V4.0.3c.7646B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

7.4AI score0.00615EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/05/13 12:0 a.m.2 views

PT-2024-24219 · Totolink · Totolink Ex200

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7646 B20201211 Description: A hardcoded password for the root user was found in the /etc/shadow.sample file. Recommendations: For TOTOLINK EX200 version 4.0.3c.7646 B20201211, consider changing the hardcoded...

9.8CVSS6.6AI score0.00615EPSS
Exploits1References3
CVE
CVEadded 2024/05/10 4:14 p.m.70 views

CVE-2023-26566

CVE-2023-26566 affects Sangoma FreePBX 1805–2203 on Linux, with hardcoded Asterisk REST Interface (ARI) credentials. This enables remote attackers to reconfigure Asterisk and place calls via ARI endpoints over HTTP and WebSocket. The connected sources note the issue and provide remediation guidan...

8.6CVSS7.1AI score0.00712EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/05/10 4:14 p.m.25 views

CVE-2023-26566

Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface ARI, which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API...

7AI score0.00712EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/05/10 12:0 a.m.4 views

PT-2024-12105 · Sangoma · Sangoma Freepbx

Name of the Vulnerable Software and Affected Versions: Sangoma FreePBX versions 1805 through 2203 Description: The issue concerns hardcoded credentials for the Asterisk REST Interface ARI in Sangoma FreePBX, allowing remote attackers to reconfigure Asterisk and make external and internal calls vi...

8.6CVSS7.4AI score0.00712EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/05/09 2:20 p.m.12 views

CVE-2024-34211

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

7.3AI score0.00547EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/05/09 2:20 p.m.14 views

CVE-2024-34211

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

7.5AI score0.00547EPSS
Exploits1References1
CVE
CVEadded 2024/05/09 2:20 p.m.63 views

CVE-2024-34211

Totolink CP450 v4.1.0cu.747_B20191224 contains a hardcoded password in /etc/shadow.sample that can allow an attacker to log in as root. CVSSv3.1 measures a high impact (8.8) with adjacent attack vector and no potential user interaction. Connected sources provide concrete details: affected softwar...

8.8CVSS7.4AI score0.00547EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologiesadded 2024/05/09 12:0 a.m.6 views

PT-2024-25745 · Totolink · Totolink Cp450

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: The issue is related to a hardcoded password vulnerability found in the /etc/shadow.sample file. This vulnerability allows attackers to log in as root. Recommendations: For TOTOLINK...

8.8CVSS6.9AI score0.00547EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2024/05/03 3:16 a.m.0 views

CVE-2023-51629

D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw...

8.8CVSS5.8AI score0.03871EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2024/05/03 3:16 a.m.3 views

CVE-2023-51629

D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw...

8.8CVSS5.8AI score0.03871EPSS
Exploits0References2
Rows per page
Query Builder