7562 matches found
Backdoor.Win32.Wollf.m Weak Hardcoded Password
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b125a9a083447ad7d437e3e7f3ed5325.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.m Vulnerability: Weak Hardcoded Password Description: The malware listens on TC...
Backdoor.Win32.Skrat Insecure Password Storage
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d724feed69ec7b624e4e178ad6579cfb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Skrat Vulnerability: Cleartext Hardcoded Password Description: SKD RAT malware has...
CVE-2021-45732
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools,...
CVE-2021-45732
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools,...
CVE-2021-20170
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password...
CVE-2021-20170
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password...
CVE-2021-20155
Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and restore device configurations via the management web interface. These devices are encrypted using a hardcoded password of "12345678"...
CVE-2021-20155
Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and restore device configurations via the management web interface. These devices are encrypted using a hardcoded password of "12345678"...
Hardcoded credentials
Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and restore device configurations via the management web interface. These devices are encrypted using a hardcoded password of "12345678"...
Hardcoded credentials
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools,...
Hardcoded credentials
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote attacker to gain administrative access to the zebra or ripd those services. Both are running with root privileges on the router i.e., as the "admin" user, UID 0...
Hardcoded credentials
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password...
CVE-2021-45732
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools,...
CVE-2021-45732
Netgear Nighthawk R6700, firmware 1.0.4.120, is affected by a vulnerability where a hardcoded credential can be exploited to extract the device configuration. By using public tools to obtain the backup configuration, an attacker can repackage and restore it to alter settings not intended to be ma...
CVE-2021-20170
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password...
CVE-2021-20170
Netgear RAX43 (firmware 1.0.3.96) is affected by a hardcoded credential issue. The backup configuration is encrypted with a password-protected ZIP using a hardcoded password (RAX50w!a4udk). A user who can access the backup mechanism can unzip the configuration with this password, modify settings,...
CVE-2021-20155
Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and restore device configurations via the management web interface. These devices are encrypted using a hardcoded password of "12345678"...
CVE-2021-20155
The CVE-2021-20155 entry applies to Trendnet AC2600 TEW-827DRU (firmware 2.08B01). The vulnerability arises from hardcoded credentials used to encrypt configuration data and the ability to back up/restore device configurations via the management web interface, exposing potential exposure of confi...
Commvault CommCell Authentication Bypass (CVE-2021-34996)
An authentication bypass exists in Commvault CommCell. The vulnerability is due to use of hardcoded credentials to access CVSearchService endpoint...
CVE-2021-45522
NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password...