Hardcoded credentials

Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attacker could exploit this vulnerability to...

PT-2020-1390 · Cisco · Cisco Data Center Network Manager

Name of the Vulnerable Software and Affected Versions: Cisco Data Center Network Manager DCNM affected versions not specified Description: The issue is related to multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager DCNM, which could allow an...

Rocket.Chat: API Keys Hardcoded in Github repository

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Summary: API Keys is ha...

Heatmiser Netmonitor 3.03 Hardcoded Credentials

Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials Date: 2019-12-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software: Netmonitor v3.03 Product Version: Netmonitor...

Heatmiser Netmonitor 3.03 - Hardcoded Credentials Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software:...

Heatmiser Netmonitor 3.03 - Hardcoded Credentials

Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials Date: 2019-12-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software: Netmonitor v3.03 Product Version: Netmonitor...

WEMS BEMS 21.3.1 - Undocumented Backdoor Account

Exploit: WEMS BEMS 21.3.1 - Undocumented Backdoor Account Date: 2019-12-30 Author: LiquidWorm Vendor: WEMS Limited Product web page: https://www.wems.co.uk Advisory ID: ZSL-2019-5552 Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5552.php WEMS BEMS 21.3.1 Undocumented Backdo...

WEMS BEMS 21.3.1 Undocumented Backdoor Account

Summary We WEMS offer the world's first fully wireless energy management system. Our solution enables your organization to take control of its energy costs, by monitoring lighting, heating and air conditioning equipment to identify wastage across multiple sites and start saving money instantly...

CVE-2013-4976

Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials...

Hardcoded credentials

Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials...

CVE-2013-4976

CVE-2013-4976 affects Hikvision DS-2CD7153-E IP Cameras, enabling security bypass via hardcoded credentials (remote authentication bypass). The NVD entry lists high/severe impact with CVSS v3.1 base score 9.8 (NETWORK, NONE prerequisites, US S) and CVSS v2 base score 7.5, indicating critical risk...

CVE-2013-4976

Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials...

Inim SmartLAN Hardcoded Credentials (Telnet)

SmartLAN devices utilize hardcoded credentials within its Linux distribution image. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Inim SmartLAN Hardcoded Credentials (FTP)

SmartLAN devices utilize hardcoded credentials within its Linux distribution image. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Hardcoded credentials

HLOS could corrupt CPZ page table memory for S1 managed VMs in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710,...

CVE-2013-3542

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WPHD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!/" with the same password, which makes it easier for remote attackers to obtain access vi...

Hardcoded credentials

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WPHD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!/" with the same password, which makes it easier for remote attackers to obtain access vi...

CVE-2013-3542

CVE-2013-3542 affects Grandstream GXV series (e.g., GXV3501/3504/3601/3601HD/LL/3611/3615W/P/3651FHD/3662HD/3615WP_HD/3500) with firmware 1.0.4.11. The issue is a hardcoded account "!#/" enabling remote TELNET access, exposing high-severity risk (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H; ba...

CVE-2013-3542

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WPHD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!/" with the same password, which makes it easier for remote attackers to obtain access vi...

Hardcoded credentials

Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page...