FiberHome HG6245D Hardcoded Credential Vulnerability (CNVD-2021-11338)

The HG6245D is an FTTH ONT router from FiberHome. A hard-coded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hardcoded trueadmin/admintrue credentials against an ISP. No details of the vulnerability are provided at this time...

FiberHome HG6245D Hardcoded Credential Vulnerability (CNVD-2021-11336)

The HG6245D is an FTTH ONT router from FiberHome. A hard-coded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hardcoded rootmet/m3tr0r00t credentials against an ISP. No details of the vulnerability are provided at this time...

FiberHome HG6245D Hardcoded Credential Vulnerability (CNVD-2021-11330)

The HG6245D is an FTTH ONT router from FiberHome. A hard-coded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hardcoded admin/lnadmin credentials against an ISP. No details of the vulnerability are provided at this time...

FiberHome HG6245D Hardcoded Credential Vulnerability (CNVD-2021-11343)

The HG6245D is an FTTH ONT router from FiberHome. A hard-coded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hardcoded useradmin/8888888 credentials against an ISP. No details of the vulnerability are provided at this time...

FiberHome HG6245D Hardcoded Credential Vulnerability (CNVD-2021-11331)

The HG6245D is an FTTH ONT router from FiberHome. A hard-coded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hardcoded admin/CUadmin credentials against an ISP. No details of the vulnerability are provided at this time...

FiberHome HG6245D Hardcoded Credential Vulnerability (CNVD-2021-11340)

The HG6245D is an FTTH ONT router from FiberHome. A hard-coded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hard-coded admin/3UJUh2VemEfUtesEchEC2d2e credentials against an ISP. No detailed vulnerability details are provided at...

Backdoor.Win32.Agent.aak Hardcoded Credentials

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Weak Hardcoded Credentials Description: The HTTP backdoor...

Tesla SolarCity Solar Monitoring Gateway Trust Management Issue Vulnerability

Tesla SolarCity Solar Monitoring Gateway is an application from Tesla SolarCity Solar Monitoring Gateway Tesla, USA. Solar equipment is provided. A security vulnerability exists in Tesla SolarCity Solar Monitoring Gateway through 5.46.43, which stems from the use of hardcoded credentials Digi...

Shining a Light on SolarCity: Practical Exploitation of the X2e IoT Device (Part One)

In 2019, Mandiant’s Red Team discovered a series of vulnerabilities present within Digi International’s ConnectPort X2e device, which allows for remote code execution as a privileged user. Specifically, Mandiant’s research focused on SolarCity’s now owned by Tesla rebranded ConnectPort X2e device...

Backdoor.Win32.Indexer.a Hardcoded Credentials

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2b576e7551afe1c7575dc680396f1b5b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Indexer.a Vulnerability: Hardcoded Weak Credentials Description: Indexer.a backdoor...

Hardcoded credentials

IBM Security Verify Information Queue 1.0.6 and 1.0.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 198192...

CVE-2020-25493

Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic. The content of HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic...

Hardcoded credentials

Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic. The content of HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic...

CVE-2020-25493

Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic. The content of HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic...

CVE-2021-27172

An issue was discovered on FiberHome HG6245D devices through RP2613. A hardcoded GEPON password for root is defined inside /etc/init.d/system-config.sh...

CVE-2021-27172

An issue was discovered on FiberHome HG6245D devices through RP2613. A hardcoded GEPON password for root is defined inside /etc/init.d/system-config.sh...

CVE-2021-27162

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP...

CVE-2021-27158

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded L1vt1m4eng / 888888 credentials for an ISP...

CVE-2021-27161

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 1234 credentials for an ISP...

CVE-2021-27164

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / aisadmin credentials for an ISP...