Lucene search
K

7580 matches found

Prion
Prion
added 2023/06/02 11:15 a.m.11 views

Hardcoded credentials

Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system files using the hard-coded keys for file access, modification, and cause service disruption...

5.8CVSS6.9AI score0.0051EPSS
Exploits0References1
NVD
NVD
added 2023/06/01 6:15 a.m.7 views

CVE-2022-4333

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines...

9.8CVSS9.5AI score0.00851EPSS
Exploits1References1
Prion
Prion
added 2023/06/01 6:15 a.m.18 views

Hardcoded credentials

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines...

7.5CVSS9.3AI score0.00851EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/06/01 5:36 a.m.4 views

CVE-2022-4333 Sprecher: Sprecon maintenance access with hardcoded credentials

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines...

9.8CVSS7AI score0.00851EPSS
Exploits1References1
CVE
CVE
added 2023/06/01 5:36 a.m.50 views

CVE-2022-4333

CVE-2022-4333 concerns Sprecher Automation SPRECON-E CPU variants with hardcoded credentials that enable a remote attacker to take over the device. Multiple connected sources (Red Hat advisory, Tenable OT plugin, CVE records, and vendor/PT/security databases) consistently describe a vulnerability...

9.8CVSS9.5AI score0.00851EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/06/01 5:36 a.m.17 views

CVE-2022-4333 Sprecher: Sprecon maintenance access with hardcoded credentials

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines...

9.8CVSS9.6AI score0.00851EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/06/01 4:15 a.m.4 views

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

9.8CVSS7.3AI score0.00599EPSS
Exploits1References2
NVD
NVD
added 2023/06/01 4:15 a.m.21 views

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

9.8CVSS9.6AI score0.00599EPSS
Exploits1References1
OSV
OSV
added 2023/06/01 4:15 a.m.5 views

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

9.8CVSS5.8AI score0.00599EPSS
Exploits1References1
Prion
Prion
added 2023/06/01 4:15 a.m.21 views

Hardcoded credentials

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

7.5CVSS9.4AI score0.00599EPSS
Exploits1References1Affected Software72
Prion
Prion
added 2023/06/01 2:15 a.m.13 views

Hardcoded credentials

DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...

6.5CVSS8.6AI score0.00812EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/01 12:0 a.m.8 views

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

9.6AI score0.00599EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/06/01 12:0 a.m.5 views

PT-2023-9803 · Draytek · Draytek Vigor Switches +3

Name of the Vulnerable Software and Affected Versions: Draytek Vigor Routers versions below 3.9.6/4.2.4 Draytek Vigor Access Points versions below v1.4.0 Draytek Vigor Switches versions below 2.6.7 Draytek Vigor Myvigor versions below 2.3.2 Description: The issue is related to the use of hardcode...

9.8CVSS6.9AI score0.00599EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/06/01 12:0 a.m.34 views

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

9.7AI score0.00599EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/06/01 12:0 a.m.2 views

PT-2023-14192 · Sprecher Automation · Sprecon-E Cpu

Name of the Vulnerable Software and Affected Versions: Sprecher Automation SPRECON-E CPU variants affected versions not specified Description: The issue concerns hardcoded credentials in multiple SPRECON-E CPU variants of Sprecher Automation, allowing a remote attacker to take over the device. To...

9.8CVSS9.3AI score0.00851EPSS
Exploits1References4
CVE
CVE
added 2023/06/01 12:0 a.m.61 views

CVE-2023-28937

DataSpider Servista 4.4 and earlier is affected by a vulnerability where a cryptographic key is hard-coded into ScriptRunner and ScriptRunner for Amazon SQS. If an attacker with access to a target DataSpider Servista instance can obtain a Launch Settings file, they may operate with the user’s enc...

8.8CVSS8.6AI score0.00812EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2023/05/31 8:15 p.m.16 views

Buffer overflow

Multiple models of the Uniview IP Camera e.g., IPCG6103 B6103.16.10.B25.201218, IPCG61, IPC21, IPC23, IPC32, IPC36, IPC62, and IPCHCMN offer an undocumented UDP service on port 7788 that allows a remote unauthenticated attacker to overflow an internal buffer and achieve code execution. By using...

7.5CVSS9.9AI score0.04225EPSS
Exploits1References2
Prion
Prion
added 2023/05/30 8:15 p.m.21 views

Hardcoded credentials

ROZCOM client CWE-798: Use of Hard-coded Credentials...

4.3CVSS7.7AI score0.02327EPSS
Exploits0References1
Prion
Prion
added 2023/05/30 5:15 a.m.27 views

Hardcoded credentials

ToUI is a Python package for creating user interfaces websites and desktop apps from HTML. ToUI is using Flask-Caching SimpleCache to store user variables. Websites that use Website.uservars property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in version 2.4.1...

5CVSS7.5AI score0.00651EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2023/05/24 12:0 a.m.28 views

Moxa MXsecurity Series Hardcoded JWT Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Moxa MXsecurity Series appliances. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the web-based interface. The issue results from a...

9.8CVSS6.9AI score0.00973EPSS
Exploits0References1
Rows per page
Query Builder