Lucene search
K

7572 matches found

Prion
Prion
added 2022/08/04 7:15 p.m.17 views

Hardcoded credentials

Totolink A3600RFirmware V4.1.2cu.5182B20201102 contains a hard code password for root in /etc/shadow.sample...

7.5CVSS9.5AI score0.00876EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/08/04 10:15 a.m.14 views

Hardcoded credentials

OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code, manipulate system data and disrupt service...

7.5CVSS9.7AI score0.01138EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/08/03 4:15 p.m.2 views

CVE-2022-35866

This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MySQL server. The server uses a hard-cod...

9.8CVSS5.8AI score0.03051EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2022/07/30 7:14 a.m.750 views

Exploit for Use of Hard-coded Credentials in Atlassian Questions_For_Confluence

CVE-2022-26138 1. Introduction Confluence Hardcoded Pass...

9.8CVSS7.4AI score0.9817EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2022/07/28 4:15 p.m.3 views

CVE-2022-30316

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...

6.8CVSS7.3AI score0.00345EPSS
Exploits0References3
NVD
NVD
added 2022/07/28 4:15 p.m.20 views

CVE-2022-30316

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...

6.8CVSS0.00345EPSS
Exploits0References2
OSV
OSV
added 2022/07/28 4:15 p.m.4 views

CVE-2022-30314

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...

4.6CVSS5.8AI score0.00256EPSS
Exploits0References2
Prion
Prion
added 2022/07/28 4:15 p.m.15 views

Hardcoded credentials

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...

4.6CVSS8.1AI score0.00345EPSS
Exploits0References2
NVD
NVD
added 2022/07/28 3:15 p.m.13 views

CVE-2021-22644

Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key...

9.8CVSS0.00657EPSS
Exploits0References1
OSV
OSV
added 2022/07/28 3:15 p.m.6 views

CVE-2021-22644

Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key...

9.8CVSS5.8AI score0.00657EPSS
Exploits0References1
Prion
Prion
added 2022/07/28 3:15 p.m.20 views

Hardcoded credentials

Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key...

7.5CVSS9.4AI score0.00657EPSS
Exploits0References1Affected Software8
CVE
CVE
added 2022/07/28 2:19 p.m.70 views

CVE-2021-22644

CVE-2021-22644 is part of a set of vulnerabilities in Ovarro TBox/TWinSoft. The TWinSoft software uses a custom hardcoded user “TWinSoft” with a hardcoded key, enabling attackers to extract the hardcoded cryptographic key (CVE-2021-22644) and, with other flaws (CVE-2021-22646, CVE-2021-22648, CVE...

9.8CVSS8.7AI score0.00657EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/28 12:0 a.m.5 views

PT-2022-9259 · Ovarro · Ovarro Tbox Twinsoft

Name of the Vulnerable Software and Affected Versions: Ovarro TBox TWinSoft affected versions not specified Description: The issue concerns the use of a custom hardcoded user TWinSoft with a hardcoded key in Ovarro TBox TWinSoft. Recommendations: At the moment, there is no information about a new...

9.8CVSS9.3AI score0.00657EPSS
Exploits0References3
Prion
Prion
added 2022/07/27 9:15 p.m.24 views

Hardcoded credentials

In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10...

7.5CVSS9.2AI score0.00439EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/07/26 11:15 p.m.4 views

CVE-2022-30274

The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm TEA in ECB mode using a hardcode...

9.8CVSS7.4AI score0.00519EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/26 11:15 p.m.5 views

CVE-2022-30271

The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts such as /etc/init.d/sshdservice only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default...

9.8CVSS7.3AI score0.00835EPSS
Exploits0References3
NVD
NVD
added 2022/07/26 11:15 p.m.30 views

CVE-2022-30271

The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts such as /etc/init.d/sshdservice only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default...

9.8CVSS0.00835EPSS
Exploits0References2
NVD
NVD
added 2022/07/26 11:15 p.m.19 views

CVE-2022-30274

The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm TEA in ECB mode using a hardcode...

9.8CVSS0.00519EPSS
Exploits0References2
Prion
Prion
added 2022/07/26 11:15 p.m.19 views

Hardcoded credentials

The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts such as /etc/init.d/sshdservice only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default...

7.5CVSS9.3AI score0.00835EPSS
Exploits0References2
Prion
Prion
added 2022/07/26 11:15 p.m.23 views

Hardcoded credentials

The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm TEA in ECB mode using a hardcode...

7.5CVSS9.5AI score0.00519EPSS
Exploits0References2
Rows per page
Query Builder