Lucene search
K

7571 matches found

Cvelist
Cvelist
added 2022/07/20 5:25 p.m.31 views

CVE-2022-26138

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...

9.6AI score0.9817EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/07/20 5:25 p.m.13 views

CVE-2022-26138

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...

9.7AI score0.9817EPSS
Exploits1References2
CVE
CVE
added 2022/07/20 5:25 p.m.875 views

CVE-2022-26138

CVE-2022-26138 affects Atlassian’s Questions for Confluence app on Confluence Server/Data Center. The vulnerability arises because the app creates a Confluence user account named disabledsystemuser in the confluence-users group with a hardcoded password, and the account is not disabled by default...

9.8CVSS9.4AI score0.9817EPSS
In wildExploits1References3Affected Software1
NVD
NVD
added 2022/07/20 5:15 p.m.27 views

CVE-2022-34045

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...

9.8CVSS0.02415EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/07/20 5:15 p.m.2 views

CVE-2022-34045

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...

9.8CVSS5.9AI score0.02415EPSS
Exploits1References3
OSV
OSV
added 2022/07/20 5:15 p.m.4 views

CVE-2022-34045

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...

9.8CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2022/07/20 5:15 p.m.26 views

Hardcoded credentials

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...

7.5CVSS9.5AI score0.02415EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/07/20 4:50 p.m.28 views

CVE-2022-34045

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...

9.8AI score0.02415EPSS
Exploits1References1
Prion
Prion
added 2022/07/20 4:15 p.m.22 views

Hardcoded credentials

The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an attacker to send SMS commands directly to the GPS tracker as if they were coming from the GPS owner’s mobile number...

7.5CVSS9.6AI score0.01172EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/20 1:15 p.m.5 views

CVE-2022-24657

Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...

9.8CVSS7.3AI score0.00934EPSS
Exploits1References3
OSV
OSV
added 2022/07/20 1:15 p.m.1 views

CVE-2022-24657

Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...

9.8CVSS5.8AI score0.00934EPSS
Exploits1References2
NVD
NVD
added 2022/07/20 1:15 p.m.15 views

CVE-2022-24657

Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...

9.8CVSS0.00934EPSS
Exploits1References2
Prion
Prion
added 2022/07/20 1:15 p.m.17 views

Hardcoded credentials

Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...

7.5CVSS9.5AI score0.00934EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/07/20 12:31 p.m.14 views

CVE-2022-24657

Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...

9.7AI score0.00934EPSS
Exploits1References2
CVE
CVE
added 2022/07/20 12:31 p.m.58 views

CVE-2022-24657

CVE-2022-24657 affects Goldshell ASIC Miners v2.1.x, where hardcoded credentials enable remote SSH access (port 22). The root cause is the presence of embedded credentials in the device firmware, as documented across multiple sources in the connected set (NVD/Red Hat/CVE listings, CNNVD). Impact ...

9.8CVSS9.4AI score0.00934EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/20 12:0 a.m.6 views

PT-2022-21982

Name of the Vulnerable Software and Affected Versions Wavlink WN530HG4 version M30HG4.V5030.191116 Description A hardcoded encryption/decryption key was found in the configuration files of the affected device, specifically at the /etc ro/lighttpd/www/cgi-bin/ExportAllSettings.sh location. This...

9.8CVSS6.4AI score0.02415EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/07/20 12:0 a.m.4 views

PT-2022-3814 · Atlassian · Questions For Confluence +1

Name of the Vulnerable Software and Affected Versions: Atlassian Questions For Confluence app versions 2.7.34 through 3.0.2 Description: The Atlassian Questions For Confluence app creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded...

9.8CVSS9.8AI score0.9817EPSS
Exploits1References39
ATTACKERKB
ATTACKERKB
added 2022/07/20 12:0 a.m.102 views

CVE-2022-26138

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...

9.8CVSS3.7AI score0.9817EPSS
In wildExploits1References3
Prion
Prion
added 2022/07/19 2:15 p.m.20 views

Hardcoded credentials

A use of hard-coded cryptographic key vulnerability CWE-321 in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device...

5.1CVSS7.9AI score0.00576EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/07/17 11:15 p.m.12 views

CVE-2022-31210

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/setparam.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts...

9.8CVSS0.01016EPSS
Exploits1References1
Rows per page
Query Builder