Hardcoded credentials

Cisco UCS Director formerly Cloupia before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930...

Hardcoded credentials

The control-plane access-list implementation in Cisco IPS Software before 7.18p2E4 and 7.2 before 7.22E4 allows remote attackers to cause a denial of service MainApp process outage via crafted packets to TCP port 7000, aka Bug ID CSCui67394...

Hardcoded credentials

The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data...

CVE-2014-0709

Cisco UCS Director formerly Cloupia before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930...

CVE-2014-0709

Cisco UCS Director (formerly Cloupia) before 4.0.0.3 uses a hardcoded root password, enabling unauthenticated remote login via the CLI and full admin access over SSH. This mode of exploitation is documented across multiple sources (Cisco advisory CSCui73930/Cisco-SA-2014-0219-ucsd). Affected vers...

CVE-2013-6952

The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data...

Belkin Wemo Home Automation硬编码密钥漏洞

BUGTRAQ ID: 65624 CVECAN ID: CVE-2013-6952 Belkin Wemo Home Automation devices 是家电远程控制系列产品。 Belkin Wemo Home Automation固件包含硬编码的密钥和口令，可被远程攻击者利用为恶意固件进行签名。 0 Belkin Wemo Home Automation 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

CVE-2013-5400

An unspecified servlet in IBM Platform Symphony Developer Edition DE 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors...

Hardcoded credentials

An unspecified servlet in IBM Platform Symphony Developer Edition DE 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors...

CVE-2013-5400

An unspecified servlet in IBM Platform Symphony Developer Edition DE 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors...

CVE-2013-5400

Summary: CVE-2013-5400 affects IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x up to 6.1.1. A servlet contains hardcoded credentials, enabling remote attackers to bypass authentication and gain access to the local environment. Impact: authenticated access bypass with full local environ...

ZTE ZXV10 W300 Router信任管理漏洞

CVE ID：CVE-2014-0329 ZTE ZXV10 W300 Router是中国中兴通讯（ZTE）公司的一款无线路由器产品。 ZTE ZXV10 W300路由器2.1.0版本上的TELNET服务中存在安全漏洞，该漏洞源于程序安装使用默认的硬编码凭证，将admin帐户密码‘XXXXairocon’中的前四位设置为MAC地址后四位。远程攻击者可通过已知的密码利用该漏洞获取管理访问权限。 0 ZTE ZXV10 W300 Router 厂商补丁： ZTE ----- 目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：...

TURCK BL20/BL67 Hardcoded Admin Account

Binary data scadaturckftpauth.nbin...

ZTE ZXV10 W300 Wireless Router Hardcoded Credentials Security Bypass Vulnerability (SNMP/Telnet)

ZTE ZXV10 W300 wireless router is prone to a security-bypass vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

ZTE ZXV10 W300 Hardcoded Credentials

Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials Date: 03 Feb 2014 Exploit Author: Cesar Neira Vendor Homepage: http://wwwen.zte.com.cn/ Version: ZTE ZXV10 W300 v2.1 CVE : CVE-2014-0329 Dork Shodan: Basic realm="index.htm" References:...

ZTE ZXV10 W300 Router - Hard-Coded Credentials

ZTE ZXV10 W300 Router - Hard-Coded Credentials Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials Date: 03 Feb 2014 Exploit Author: Cesar Neira Vendor Homepage: http://wwwen.zte.com.cn/ Version: ZTE ZXV10 W300 v2.1 CVE : CVE-2014-0329 Dork Shodan: Basic realm="index.htm"...

ZTE ZXV10 W300 Router - Hardcoded Credentials

Exploit for hardware platform in category web applications Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials Date: 03 Feb 2014 Exploit Author: Cesar Neira Vendor Homepage: http://wwwen.zte.com.cn/ Version: ZTE ZXV10 W300 v2.1 CVE : CVE-2014-0329 Dork Shodan: Basic...

ZTE ZXV10 W300 Router - Hard-Coded Credentials

Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials Date: 03 Feb 2014 Exploit Author: Cesar Neira Vendor Homepage: http://wwwen.zte.com.cn/ Version: ZTE ZXV10 W300 v2.1 CVE : CVE-2014-0329 Dork Shodan: Basic realm="index.htm" References:...

ZTE ZXV10 W300 router hard-coded credentials vulnerability-vulnerability warning-the black bar safety net

ZTE ZXV10 W300 routing 2.1.0 version and possibly previous versions,contains hardcoded credentials. CWE-7 9 8 Use the username admin password XXXXairocon where XXXX refers to the device MAC address after the fourth bit can successful connection open the Telnet service, the ZXV10 W300 router...

Exploit Linux 3.4+ Local Root (CONFIG_X86_X32=y)

OSVDB-ID: 2014-0038 Author: rebel Published: 2014-02-02 / ============================== recvmmsg.c - linux 3.4+ local root CONFIGX86X32=y CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org ----------------------------------- takes about 13 minutes to run because timeout-tvsec...