PT-2022-3161 · Emerson · Emerson Deltav
Name of the Vulnerable Software and Affected Versions: Emerson DeltaV versions through 2022-04-29 Description: The issue is related to the misuse of passwords in Emerson DeltaV Distributed Control System (DCS) controllers and IO cards, allowing an attacker to gain unauthorized access to protected...
PT-2022-3162 · Emerson · Emerson Openbsi
Name of the Vulnerable Software and Affected Versions: Emerson OpenBSI through 2022-04-29 Description: The issue is related to the use of weak cryptography in Emerson OpenBSI, an engineering environment for the ControlWave and Bristol Babcock line of RTUs. Specifically, DES with hardcoded...
PT-2022-3084 · Motorola · Motorola Ace1000 Rtu
Name of the Vulnerable Software and Affected Versions: Motorola ACE1000 RTU through 2022-05-02 Description: The issue is related to the use of hardcoded SSH credentials. This could allow a remote attacker to gain unauthorized access to protected information. The hardcoded SSH private key is likel...
PT-2022-3083 · Honeywell · Honeywell Controledge
Name of the Vulnerable Software and Affected Versions: Honeywell ControlEdge versions through R151.1 Description: The issue is related to the use of hard-coded credentials in the Honeywell ControlEdge programmable logic controllers. This could allow a remote attacker to gain elevated privileges...
PT-2022-3091 · Motorola · Motorola Ace1000 Rtu
Name of the Vulnerable Software and Affected Versions: Motorola ACE1000 RTU versions prior to 2022-05-02 Description: The issue is related to the use of hardcoded credentials in the XRT LAN-to-radio gateway and XNL microcode software of the Motorola ACE1000 RTU. This allows a remote attacker to...
PT-2022-3160 · Emerson · Emerson Deltav Distributed Control System
Name of the Vulnerable Software and Affected Versions: Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 Description: The issue is related to the misuse of passwords and the use of hardcoded credentials in the TELNET service on port 18550, which provides...
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor Vulnerability
Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components. ======================================================================= title: Hardcoded Backdoor User and Outdated Software Components...
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Hardcoded Backdoor User and Outdated Software Components product: Nexans FTTO GigaSwitch industrial/office switches HW version 5 vulnerable version: See "Vulnerable /...
CVE-2022-34005
An issue was discovered in TitanFTP aka Titan FTP NextGen before 1.2.1050. There is Remote Code Execution due to a hardcoded password for the sa account on the Microsoft SQL Express 2019 instance installed by default during TitanFTP NextGen installation, aka NX-I674 sub-issue 1. NOTE: as of...
Remote code execution
An issue was discovered in TitanFTP aka Titan FTP NextGen before 1.2.1050. There is Remote Code Execution due to a hardcoded password for the sa account on the Microsoft SQL Express 2019 instance installed by default during TitanFTP NextGen installation, aka NX-I674 sub-issue 1. NOTE: as of...
Infiray IRAY-A8Z3 1.0.957 Code Execution / Overflow / Hardcoded Credentials
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Infiray IRAY-A8Z3 thermal camera vulnerable version: V1.0.957 fixed version: None CVE number: CVE-2022-31208, CVE-2022-31209,...
Infiray IRAY-A8Z3 thermal camera security vulnerability
The Infiray IRAY-A8Z3 thermal camera is a thermal camera from the Chinese company Infiray. A security vulnerability exists in the Infiray IRAY-A8Z3 thermal camera version 1.0.957, which originates from the use of hard-coded Web credentials, authenticated remote code execution, buffer overflow,...
TODO: Hardcode claim.account = address(this)?
Lines of code Vulnerability details Impact Why do you still have a TODO in the final code? TODO: Hardcode claim.account = address(this)? It is not implemented yet. claim.account may be any value, which may break the claiming process or let a user steal funds that were intended to be used in MyStrategy to their...
Swap routes are hardcoded for pools that do not exist yet.
Lines of code Vulnerability details Impact The route for swapping auraBAL to AURA is hardcoded and does not allow any flexibility. Proof of Concept The route for this swap is hardcoded to auraBAL - BAL/ETH BPT - WETH - AURA, with specific pool IDs. This seems to be done for the sake of simplicity...
Hardcoded credentials
All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash...
no slippage check
Lines of code Vulnerability details In the function swapAndAddLiquidity, it makes a call to swapExactTokensForTokens with slippage hardcoded to 1. This could lead to the user receiving far fewer tokens than expected due to being frontrun / sandwiched, which will result in a loss of funds. recommend...
SIEMENS Teamcenter Hardcoded Default Credentials Vulnerability
Teamcenter software is a modern, adaptable product lifecycle management (PLM) system that connects people and processes across functional silos through digital threads to enable innovation. SIEMENS Teamcenter is vulnerable to a hard-coded default credential vulnerability that originates in the Java ...
CVE-2022-31619
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.13, Teamcenter V13.0 All versions V13.0.0.9, Teamcenter V13.1 All versions V13.1.0.9, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.3, Teamcenter V14.0 All versions V14.0.0.2. Java EE...
Hardcoded credentials
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.13, Teamcenter V13.0 All versions V13.0.0.9, Teamcenter V13.1 All versions V13.1.0.9, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.3, Teamcenter V14.0 All versions V14.0.0.2. Java EE...