Lucene search
K

7575 matches found

Prion
Prion
added 2023/03/14 9:15 p.m.16 views

Hardcoded credentials

A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0 and 6.6.1 allows remote attackers to gain access to the admin panel Propiusadmin.php, which allows taking control of the affected system...

7.5CVSS9.5AI score0.00894EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/03/13 9:15 p.m.14 views

Hardcoded credentials

PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...

7.5CVSS9.4AI score0.00883EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/03/13 9:15 p.m.23 views

Hardcoded credentials

Akuvox E11 uses a weak encryption algorithm for stored passwords and uses a hard-coded password for decryption which could allow the encrypted passwords to be decrypted from the configuration file...

7.5CVSS9.4AI score0.00415EPSS
Exploits0References1
Prion
Prion
added 2023/03/13 8:15 p.m.15 views

Hardcoded credentials

Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt sensitive information...

5CVSS7.9AI score0.00534EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/08 12:0 a.m.6 views

PT-2023-1633 · Unknown · Mxsecurity

Name of the Vulnerable Software and Affected Versions: MXsecurity version 1.0 Description: The issue is related to hardcoded credentials in MXsecurity, which can be exploited to craft arbitrary JWT tokens and bypass authentication for web-based APIs. This allows a remote attacker to elevate their...

10CVSS8.1AI score0.00973EPSS
Exploits0References8
Prion
Prion
added 2023/03/06 12:15 a.m.18 views

Hardcoded credentials

Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to obtain the password of the debug tool and execute it. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22336...

7.5CVSS9.1AI score0.01099EPSS
Exploits0References2Affected Software2
0day.today
0day.today
added 2023/02/28 12:0 a.m.341 views

Osprey Pump Controller 1.0.1 Administrator Backdoor Access Vulnerability

Osprey Pump Controller version 1.0.1 has a hidden administrative account admin that has the hardcoded password Mirage1234 that allows full access to the web management interface configuration. The user admin is not visible in Usernames and Passwords menu list 120 of the application and the passwo...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2023/02/28 12:0 a.m.254 views

Osprey Pump Controller 1.0.1 Administrator Backdoor Access

Osprey Pump Controller 1.0.1 Administrator Backdoor Access Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...

0.6AI score
Exploits0
0day.today
0day.today
added 2023/02/27 12:0 a.m.470 views

ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root Vulnerability

ASUS ASMB8 iKVM firmware versions 1.14.51 and below suffers from a flaw where SNMPv2 can be used with write access to introduce arbitrary extensions to achieve remote code execution as root. The researchers also discovered a hardcoded administrative account...

9.8CVSS9.9AI score0.17399EPSS
Exploits6
Packet Storm
Packet Storm
added 2023/02/27 12:0 a.m.368 views

ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit Title: ASUS ASMB8 iKVM RCE and SSH Root Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023 Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM...

0.17399EPSS
Exploits6
Zero Science Lab
Zero Science Lab
added 2023/02/27 12:0 a.m.309 views

Osprey Pump Controller 1.0.1 Administrator Backdoor Access

Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...

9.8CVSS7.2AI score0.00771EPSS
Exploits1
Prion
Prion
added 2023/02/23 10:15 p.m.17 views

Hardcoded credentials

Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links i.e. creating a Gradio app and then setting share=True, a private SSH key is sent to any...

7.5CVSS9.3AI score0.00553EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/02/21 9:15 p.m.5 views

CVE-2022-46637

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services...

9.8CVSS5.8AI score0.01525EPSS
Exploits1References3
NVD
NVD
added 2023/02/21 9:15 p.m.13 views

CVE-2022-46637

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services...

9.8CVSS9.6AI score0.01525EPSS
Exploits1References3
Prion
Prion
added 2023/02/21 9:15 p.m.21 views

Hardcoded credentials

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services...

7.5CVSS9.5AI score0.01525EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/21 12:0 a.m.5 views

PT-2023-14973 · Prolink · Prolink Router Prs1841

Name of the Vulnerable Software and Affected Versions: Prolink router PRS1841 Description: The Prolink router PRS1841 contains hardcoded credentials for its Telnet and FTP services. This issue allows unauthorized access to the device. Recommendations: For Prolink router PRS1841, consider changing...

9.8CVSS9.2AI score0.01525EPSS
Exploits1References5
CVE
CVE
added 2023/02/21 12:0 a.m.46 views

CVE-2022-46637

CVE-2022-46637 concerns the ProLink router PRS1841, which is reported to contain hardcoded credentials for Telnet and FTP, enabling unauthorized access. The CVE entry cites a CRITICAL 9.8 CVSS score (Network vector, low complexity, no user interaction) with high impact on confidentiality, integri...

9.8CVSS9.5AI score0.01525EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/21 12:0 a.m.7 views

CVE-2022-46637

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services...

9.7AI score0.01525EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/02/21 12:0 a.m.21 views

CVE-2022-46637

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services...

9.8AI score0.01525EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:20 a.m.5 views

SUSE CVE-2015-2907

Mobile Devices aka MDI C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, have hardcoded SSH credentials, which makes it easier for remote attackers to obtain access by leveraging knowledge of the required username and password...

9CVSS6.9AI score0.02563EPSS
Exploits0References2
Rows per page
Query Builder