SAP NetWeaver - Hardcoded credentials

Application: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Hardcoded credentials Reported: 06.03.2014 Vendor response: 07.03.2014 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2059659 Authors: Rustem Gazizov, Diana Grigorieva ERPScan VULNERABILITY INFORMATION Class:...

SAP NetWeaver - Hardcoded Credentials

Application: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Hardcoded credentials Reported: 06.03.2014 Vendor response: 07.03.2014 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2057982 Authors: Rustem Gazizov, Diana Grigorieva ERPScan VULNERABILITY INFORMATION Class:...

Hardcoded credentials

The My Home implementation in the blockhtmlpluginfile function in blocks/html/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 does not properly restrict file access, which allows remote attackers to obtain sensitive information by visiting an HTML...

CVE-2014-2350

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program...

Hardcoded credentials

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program...

CVE-2014-2350 Emerson DeltaV Use of Hard-coded Credentials

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program...

CVE-2014-2350

Technical details for CVE-2014-2350 are not publicly available in the provided documents; monitor for updates.

PT-2014-1222 · Emerson · Emerson Deltav

Name of the Vulnerable Software and Affected Versions: Emerson DeltaV versions 10.3.1 through 12.3 Description: The issue is related to errors that occur when changing access control rules through the Telnet protocol, allowing an attacker to gain access to applications via Telnet to run commands ...

CVE-2013-7382

VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...

Hardcoded credentials

VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...

CVE-2013-7382

VICIDIAL dialer (Asterisk GUI client) versions 2.8-403a, 2.7, 2.7RC1 and earlier are affected by a hardcoded credential vulnerability. The root cause is a hardcoded password, donotedit, assigned to the VDAD and VDCL user accounts, which could allow remote attackers to gain access. This CVE detail...

CVE-2013-7382

VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...

Seagate BlackArmor NAS - Multiple Vulnerabilities

Seagate BlackArmor NAS - Multiple Vulnerabilities Exploit Title: Seagate BlackArmor NAS Multiple Vulnerabilities Date: 2/17/14 Exploit Author: Shayan Sadigh twitter.com/r1pplex | Vendor Homepage: http://www.seagate.com/external-hard-drives/network-storage/ Version: All BlackArmor NAS devices...

Seagate BlackArmor NAS - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: Seagate BlackArmor NAS Multiple Vulnerabilities Date: 2/17/14 Exploit Author: Shayan Sadigh twitter.com/r1pplex | Vendor Homepage: http://www.seagate.com/external-hard-drives/network-storage/ Version: All BlackArmor NAS...

CVE-2014-0354

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request...

Hardcoded credentials

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request...

CVE-2014-0354

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request...

CVE-2014-0354

The CVE-2014-0354 entry concerns ZyXEL Wireless N300 NetUSB NBG-419N routers with firmware 1.00(BFQ.6)C0 that have a hardcoded password (qweasdzxc) used to login to index.asp via HTTP, enabling a remote attacker on the LAN to obtain login access. The linked NVD record confirms the issue and its i...

CVE-2014-2751

SAP Print and Output Management has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-2752

SAP Business Object Processing Framework BOPF for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...