7582 matches found
Hardcoded credentials
Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox 101...
Hardcoded credentials
When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later run. This vulnerability affects Firefox 107...
Hardcoded credentials
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o. This account can be used locally to access the web admin interface...
CVE-2022-36222
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o. This account can be used locally to access the web admin interface...
PT-2022-23264 · Nokia · Nokia Fastmile
Name of the Vulnerable Software and Affected Versions: Nokia Fastmile 3tg00118abad52 devices affected versions not specified Description: The issue concerns a default hardcoded admin account with the credentials admin:Nq+L5st7o. This account can be used locally to access the web admin interface...
Nokia FastMile 3TG00118ABAD52 Trust Management Issue Vulnerability
Nokia FastMile 3TG00118ABAD52 is a fixed wireless access device from Nokia of Finland. A security vulnerability exists in the Nokia FastMile 3TG00118ABAD52 that originates from the included default hardcoded administrator account, which can be used locally to access the web management interface...
Hardcoded credentials
ghinstallation provides transport, which implements http.RoundTripper to provide authentication as an installation for GitHub Apps. In ghinstallation version 1, when the request to refresh an installation token failed, the HTTP request and response would be returned for debugging. The request...
Hardcoded credentials
A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...
Tokens are expected to have 18 decimals but not all have them
Lines of code Vulnerability details Tokens are expected to have 18 decimals but not all have them Summary Pairs doesn't consider tokens with less or more than 18 decimals Impact Tokens not compatible Proof of Concept Mitigation Don't use hardcoded 18 decimals
ERC20 TOKENS WITH DIFFERENT DECIMALS THAN 18 MAY BREAK THE LOGIC AND PROVIDE UNEXPECTED RESULTS
Lines of code Vulnerability details Impact Note: Though it is mentioned that Rebase/fee-on-transfer tokens are not expected, there exist other ERC20 tokens having different decimals than 18. Contracts LpToken and Pair perform calculations by using a hardcoded value of decimals 18 (1e18) for...
Click Studios Passwordstate Trust Management Issue Vulnerability
Click Studios Passwordstate is password management software from the Click Studios team in Australia. The program provides users with the ability to save their passwords, record their accounts and passwords, and keep them safe. This program provides you with the ability to save yo...
CVE-2022-37832
Mutiny 7.2.0-10788 suffers from Hardcoded root password...
CVE-2022-37832
Mutiny 7.2.0-10788 suffers from Hardcoded root password...
Hardcoded credentials
Mutiny 7.2.0-10788 suffers from Hardcoded root password...
PT-2022-24105 · Mutiny · Mutiny
Name of the Vulnerable Software and Affected Versions: Mutiny version 7.2.0-10788 Description: The issue is related to a hardcoded root password in the software. This could potentially allow unauthorized access to the system. Recommendations: For Mutiny version 7.2.0-10788, consider changing the...
CVE-2022-37832
Mutiny Network Monitoring Appliance (Mutiny) is affected by CVE-2022-37832. A hardcoded root password exists in Mutiny version 7.2.0-10788 (and prior per CNVD entry), enabling potential full system compromise without authentication or user interaction. The NVD/CVSS data assigns a 3.1 base score o...
CVE-2022-37832
Mutiny 7.2.0-10788 suffers from Hardcoded root password...
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Hardcoded Credentials
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x sound4server Hardcoded Credentials Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco 1.16...
Backdoor.Win32.InCommander.17.b MVID-2022-0665 Hardcoded Credentials
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/dd76d8a5874bf8bf05279e35c68449ca.txt Media: twitter.com/malvuln Backup media: infosec.exchange/@malvuln Threat: Backdoor.Win32.InCommander.17.b Vulnerability:...
CVE-2022-2660
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine...