CVE-2020-8995

The CVE-2020-8995 entry concerns Programi Bilanc Build 007 Release 014 (dated 31.01.2020): a .exe contains hardcoded credentials to multiple servers, enabling remote attackers to access the website, update server, and external issue tracking tools. The root cause is embedded credentials in the ex...

Bilanc Shpk Programi Bilanc Trust Management Issues Vulnerabilities

Bilanc Shpk Programi Bilanc is a software for generating balance sheets from Bilanc Shpk, Alphania. A security vulnerability exists in Bilanc Shpk Programi Bilanc version 007014 31.01.2020, which stems from the Programi Bilanc Build providing an .exe file with several hardcoded credentials allowi...

SolarWinds N-Central Trust Management Issue Vulnerability

SolarWinds N-Central is an IT device management platform from SolarWinds Singapore. The platform provides proactive monitoring of everything on a customer's network, not just servers and workstations, and rapid troubleshooting using features such as MFA, antivirus, integrated endpoint detection a...

CVE-2019-14482

AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web client. The same hardcoded SSL private key is used across different customers' installations when no other SSL certificate is installed, which allows remote attackers to defeat cryptographic protection...

Hardcoded credentials

AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web client. The same hardcoded SSL private key is used across different customers' installations when no other SSL certificate is installed, which allows remote attackers to defeat cryptographic protection...

CVE-2019-14482

AdRem NetCrunch 10.6.0.4587 is affected by a hardcoded SSL private key vulnerability in the NetCrunch web client. The same hardcoded key is used across different customer installations when no other SSL certificate is installed, allowing remote attackers to defeat cryptographic protections by lev...

Hardcoded credentials

An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by default for local user accounts named email protected and email protected. These allow logins to the N-Central Administrative Console NAC and/or the regular web interface...

Siemens LOGO! 8 BM Hardcoded Encryption Key Vulnerability

Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in Siemens LOGO! 8 BM, which can be exploited by an attacker to obtain a private RSA key used to encrypt communications with a device, resulting ...

CVE-2020-29383

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key specific to V1600D4L and V1600D-MINI is contained in the firmware images...

CVE-2020-29375

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. An low-privileged non-admin attacker can use a hardcoded password 4ef9cea10b2362f15ba4558b1d5c081f to create an admin user...

CVE-2020-29375

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. An low-privileged non-admin attacker can use a hardcoded password 4ef9cea10b2362f15ba4558b1d5c081f to create an admin user...

CVE-2020-29376

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. There is an !j@ly$z%x6x7q8c9z password for the admin account to authenticate to the TELNET service...

Hardcoded credentials

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key specific to V1600D4L and V1600D-MINI is contained in the firmware images...

Hardcoded credentials

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. A hardcoded RSA private key specific to V1600D, V1600G1, and V1600G2 is contained in the firmware images...

Hardcoded credentials

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. An low-privileged non-admin attacker can use a hardcoded password 4ef9cea10b2362f15ba4558b1d5c081f to create an admin user...

CVE-2020-29375

CVE-2020-29375 affects multiple V-SOL OLT devices (V1600D/V2.03.69 and V2.03.57; V1600D4L/V1.01.49; V1600D-MINI/V1.01.48; V1600G1/V2.0.7 and V1.9.7; V1600G2/V1.1.4). The root cause is a hardcoded password (4ef9cea10b2362f15ba4558b1d5c081f) that a low-privileged, non-admin attacker can use to crea...

CVE-2020-29375

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. An low-privileged non-admin attacker can use a hardcoded password 4ef9cea10b2362f15ba4558b1d5c081f to create an admin user...

CVE-2020-29376

CVE-2020-29376 affects V-SOL OLT devices (V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 family). The issue centers on an admin TELNET password (!j@l#y$z%x6x7q8c9z) allowing authentication to TELNET, as disclosed across multiple references. The connected documents confirm affected models and the pre...

Barco wePresent WiPG-1600W Hardcoded Root Password Vulnerability

The Barco wePresent WiPG-1600W is a management device for conference environments from Barco Belgium. A security vulnerability exists in Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19, which stems from the inclusion of a hard-coded root password hash in the firmware...

CVE-2020-29063

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. ...