7554 matches found
Hardcoded credentials
A vulnerability in the install function of Cisco Prime Collaboration Provisioning PCP could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install. The vulnerability is due to a hard-coded...
D-Link Central WiFiManager Software Controller Multiple Vulnerabilities
1. Advisory Information Title: D-Link Central WiFiManager Software Controller Multiple Vulnerabilities Advisory ID: CORE-2018-0010 Advisory URL:http://www.coresecurity.com/core-labs/advisories/d-link-central-wifimanager-software-controller-multiple-vulnerabilities Date published: 2018-10-04 Date...
Hardcoded credentials
An issue was discovered in the MensaMax aka com.breustedt.mensamax application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password...
CVE-2018-17217
An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded encryption key...
Hardcoded credentials
An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded encryption key...
MensaMax 4.3 Hardcoded Encryption Key Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 e2 Security GmbH Advisory 2018-01 Unencrypted transmission and usage of hardcoded encryption key Overview Advisory ID: E2SA-2018-01 Advisory Version: 1.0 Advisory Status: Public Advisory URL: https://advisories.e2security.de/2018/E2SA-2018-01.txt...
Hardcoded credentials
Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data...
Hardcoded credentials
Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
8x8: Hardcoded credentials in Android App
The mobile applications contained a URL that included credentials to a third party bug capture API. Access was restricted to pushing bug information...
Critical Vulnerability Found in Cisco Video Surveillance Manager
A critical vulnerability in the Cisco Video Surveillance Manager software has been uncovered, which could allow an unauthenticated, remote attacker to log in and execute arbitrary commands as the root user. The issue is a simple one: Affected versions contain static user credentials for the root...
CVE-2018-16957
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. Authentication to the Oracle WCI search service uses this hardcoded password and cannot be customised by customers. An adversary able to access this service over a network...
CVE-2018-16957
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. Authentication to the Oracle WCI search service uses this hardcoded password and cannot be customised by customers. An adversary able to access this service over a network...
Hardcoded credentials
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. Authentication to the Oracle WCI search service uses this hardcoded password and cannot be customised by customers. An adversary able to access this service over a network...
CVE-2018-16957
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. Authentication to the Oracle WCI search service uses this hardcoded password and cannot be customised by customers. An adversary able to access this service over a network...
Hardcoded credentials
The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call...
Hardcoded credentials
The html package aka x/net/html before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit...
CVE-2018-0663
Multiple I-O DATA network camera products TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via...
CVE-2018-0663
Multiple I-O DATA network camera products TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via...
Hardcoded credentials
Multiple I-O DATA network camera products TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via...
CVE-2018-0663
Multiple I-O DATA network camera products TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via...