7560 matches found
CVE-2020-5349
The CVE-2020-5349 case concerns Dell EMC Networking S4100 and S5200 series switches manufactured before February 2020 that contain a hardcoded credential vulnerability. The root cause is a hardcoded credential allowing a remote, unauthenticated attacker to escalate to administrative privileges. I...
Hardcoded credentials
UNSUPPORTED WHEN ASSIGNED: KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Hardcoded credentials
The Orca HCM digital learning platform uses a weak factory default administrator password, which is hard-coded in the source code of the webpage in plain text, thus remote attackers can obtain administrator’s privilege without logging in...
CVE-2021-35965
CVE-2021-35965 affects the Orca HCM digital learning platform. The vulnerability arises from a hard-coded, weak factory-default administrator password embedded in the webpage source, enabling remote attackers to gain administrator privileges without authentication. NVD specifies CVSSv3.1 base sco...
CVE-2021-0279
Juniper Networks Contrail Cloud CC releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative...
Hardcoded credentials
Juniper Networks Contrail Cloud CC releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative...
CVE-2021-0279
CVE-2021-0279 concerns Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0, where the RabbitMQ service is enabled by default and uses hardcoded credentials. The result is that an attacker who can access the RabbitMQ administrative interface (for example, the GUI) may cause a Denial of S...
CVE-2021-0279 Contrail Cloud: Hardcoded credentials for RabbitMQ service
Juniper Networks Contrail Cloud CC releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative...
CVE-2020-12733
Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microscope 3, as used by Shekar Endoscope, allow a TELNET connection with the molinkadmin password for the molink account...
Hardcoded credentials
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an...
Hardcoded credentials
Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...
QSAN Storage Manager Hardcoded Credentials Vulnerability
QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. A hard-coded credentials vulnerability exists in QSAN Storage Manager version 3.3.1 build 202101041800 and prior versions. An attacker can exploit this vulnerability to open the control interface via the...
Hardcoded credentials
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist...
Hardcoded credentials
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access...
Hardcoded credentials
The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote attackers to obtain administrator’s permission and execute arbitrary functions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...
Hardcoded credentials
The same hard-coded password in the firmware of QSAN Storage Manager allows remote attackers to access the control interface with the administrator’s credential, entering the hard-coded password of the debug mode to execute the restricted system instructions. The referred vulnerability has been...
Hardcoded credentials
An issue was discovered in Joomla! 2.5.0 through 3.9.27. The install action in com_installer lacks the required hardcoded ACL checks for superusers. A default system is not affected because the default ACL for com_installer is limited to super users already...
Hardcoded credentials
In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can...