7574 matches found

Prion
added 2023/05/18 4:15 p.m. · 19 views

Hardcoded credentials

A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5. Affected by this issue is some unknown functionality of the file /index.php?app=main&func=passport&action=login. The manipulation leads to use of hard-coded password. The exploit has been disclosed to t...

CVSS 5.8 · AI score 9.2 · EPSS 0.00815
Exploits: 0 · References: 4 · Affected Software: 1
Code423n4
added 2023/05/18 12:0 a.m. · 17 views

Upgraded Q -> 2 from #404 [1684435083624]

Judge has assessed an item in Issue 404 as 2 risk. The relevant finding follows: Global Budget Constraint is said to be 2% in Docs But It Is 3% in The code Description: In the docs it is mentioned that Global Budget Constraint should be 2% but in the code here it is hardcoded to 3%. --- The text...

AI score 7.1
Exploits: 0
NVD
added 2023/05/10 4:15 p.m. · 17 views

CVE-2023-30354

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access...

CVSS 9.8 · AI score 9.4 · EPSS 0.00445
Exploits: 0 · References: 2
NVD
added 2023/05/10 4:15 p.m. · 15 views

CVE-2023-30351

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service or UART by using the exposed credentials...

CVSS 7.5 · AI score 7.6 · EPSS 0.00239
Exploits: 0 · References: 2
Prion
added 2023/05/10 4:15 p.m. · 26 views

Hardcoded credentials

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed...

CVSS 7.5 · AI score 9.6 · EPSS 0.00659
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2023/05/10 4:15 p.m. · 26 views

Hardcoded credentials

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access...

CVSS 7.5 · AI score 9.3 · EPSS 0.00445
Exploits: 0 · References: 2 · Affected Software: 1
Positive Technologies
added 2023/05/10 12:0 a.m. · 5 views

PT-2023-22650 · Shenzen Tenda Technology · Tenda Ip Camera Cp3

Name of the Vulnerable Software and Affected Versions: Shenzen Tenda Technology IP Camera CP3 version V11.10.00.2211041355 Description: The issue concerns physical access to U-Boot via the UART, where the Wi-Fi password is exposed, and a hardcoded boot password can be used for console access...

CVSS 9.8 · AI score 9.2 · EPSS 0.00445
Exploits: 0 · References: 4
CNNVD
added 2023/05/10 12:0 a.m. · 2 views

Tenda CP3 Trust Management Issue Vulnerability

Tenda CP3 is a smart camera from Tenda China. A security vulnerability exists in Tenda CP3 version V11.10.00.2211041355, which stems from the device containing a hardcoded default password for RTSP mentions...

CVSS 9.8 · AI score 8.4 · EPSS 0.00659
Exploits: 0 · References: 2
Vulnrichment
added 2023/05/10 12:0 a.m. · 11 views

CVE-2023-30354

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access...

AI score 9.4 · EPSS 0.00445
Exploits: 0 · References: 2
CVE
added 2023/05/10 12:0 a.m. · 50 views

CVE-2023-30354

The CVE-2023-30354 entry concerns Shenzen Tenda CP3 IP Camera (v11.10.00.2211041355). The issue arises from allowing physical access to U-Boot via UART, which exposes the Wi‑Fi password and enables a hardcoded boot password to be entered for console access. Affected component: U-Boot console on C...

CVSS 9.8 · AI score 9.2 · EPSS 0.00445
Exploits: 0 · References: 2 · Affected Software: 1
Prion
added 2023/05/09 1:15 p.m. · 18 views

Hardcoded credentials

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1, SIMATIC Cloud Connect 7 CC716 All versions V2.1. The affected device uses a hard-coded password to protect the diagnostic files. This could allow an authenticated attacker to access protected dat...

CVSS 4 · AI score 4.9 · EPSS 0.00387
Exploits: 0 · References: 1 · Affected Software: 2
Code423n4
added 2023/05/08 12:0 a.m. · 13 views

Mitigation of M-04: Mitigation error

MITIGATION IS NOT CONFIRMED MITIGATION IS NOT CONFIRMED Mitigation of M-04: Mitigation error Link to Issue: code-423n4/2023-03-asymmetry-findings932 Comments Even though the original issue is mitigated, as the exchange through Uniswap V3 has been completely removed in favor of using...

AI score 6.8
Exploits: 0
Prion
added 2023/05/05 4:15 p.m. · 15 views

Hardcoded credentials

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round function in box.cc, which causes a denial of service...

CVSS 4.3 · AI score 6.2 · EPSS 0.00927
Exploits: 1 · References: 3 · Affected Software: 2
Code423n4
added 2023/05/04 12:0 a.m. · 15 views

_deployPod() is using hardcoded salt value which can cause issues

Lines of code Vulnerability details Impact deployPod is deploying pod but there is a hardcoded salt value of 0 which can cause issue Proof of Concept There is a risk of address collisions if two different users call the deployPod function with the same input parameters at the same time. This coul...

AI score 6.7
Exploits: 0
Zero Day Initiative
added 2023/05/04 12:0 a.m. · 22 views

D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the web-based user interface. The...

CVSS 8.8 · AI score 7 · EPSS 0.00916
Exploits: 0 · References: 1
Prion
added 2023/05/03 10:15 p.m. · 11 views

Hardcoded credentials

A use of hard-coded credentials vulnerability CWE-798 in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an authenticated attacker to access to the database via shell commands...

CVSS 4.3 · AI score 7.5 · EPSS 0.00164
Exploits: 0 · References: 1 · Affected Software: 2
Prion
added 2023/04/28 1:15 p.m. · 15 views

Hardcoded credentials

The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte blowfish key "PASSKEY" to encrypt and decrypt the database connection string for the PORTAL database found in the "dbconfig.xml". This issue could allow attackers to obtain access to the SQL database...

CVSS 5 · AI score 7.6 · EPSS 0.00577
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2023/04/28 1:15 p.m. · 18 views

Hardcoded credentials

Sage 300 through 2022 uses a hard-coded 40-byte blowfish key to encrypt and decrypt user passwords and SQL connection strings stored in ISAM database files in the shared data directory. This issue could allow attackers to decrypt user passwords and SQL connection strings...

CVSS 7.5 · AI score 9.4 · EPSS 0.00621
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2023/04/28 1:15 p.m. · 14 views

Hardcoded credentials

The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded credentials for the accompanying Apache Solr instance. This issue could allow attackers to login to the Solr dashboard with admin privileges and access sensitive information...

CVSS 5 · AI score 7.5 · EPSS 0.0053
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2023/04/27 9:15 p.m. · 16 views

Hardcoded credentials

An issue was discovered in vTech VCS754 version 1.1.1.A before 1.1.1.H, allows attackers to gain escalated privileges and gain sensitive information due to cleartext passwords passed in the raw HTML...

CVSS 6.5 · AI score 8.6 · EPSS 0.14112
Exploits: 1 · References: 2 · Affected Software: 1