7571 matches found
CVE-2022-26138
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...
CVE-2022-26138
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...
CVE-2022-26138
CVE-2022-26138 affects Atlassian’s Questions for Confluence app on Confluence Server/Data Center. The vulnerability arises because the app creates a Confluence user account named disabledsystemuser in the confluence-users group with a hardcoded password, and the account is not disabled by default...
CVE-2022-34045
Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...
CVE-2022-34045
Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...
CVE-2022-34045
Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...
Hardcoded credentials
Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...
CVE-2022-34045
Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...
Hardcoded credentials
The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an attacker to send SMS commands directly to the GPS tracker as if they were coming from the GPS owner’s mobile number...
CVE-2022-24657
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
CVE-2022-24657
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
CVE-2022-24657
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
Hardcoded credentials
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
CVE-2022-24657
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
CVE-2022-24657
CVE-2022-24657 affects Goldshell ASIC Miners v2.1.x, where hardcoded credentials enable remote SSH access (port 22). The root cause is the presence of embedded credentials in the device firmware, as documented across multiple sources in the connected set (NVD/Red Hat/CVE listings, CNNVD). Impact ...
PT-2022-21982
Name of the Vulnerable Software and Affected Versions Wavlink WN530HG4 version M30HG4.V5030.191116 Description A hardcoded encryption/decryption key was found in the configuration files of the affected device, specifically at the /etc ro/lighttpd/www/cgi-bin/ExportAllSettings.sh location. This...
PT-2022-3814 · Atlassian · Questions For Confluence +1
Name of the Vulnerable Software and Affected Versions: Atlassian Questions For Confluence app versions 2.7.34 through 3.0.2 Description: The Atlassian Questions For Confluence app creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded...
CVE-2022-26138
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...
Hardcoded credentials
A use of hard-coded cryptographic key vulnerability CWE-321 in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device...
CVE-2022-31210
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/setparam.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts...