CVE-2013-6034

The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for attackers to obtain unspecified login acce...

CVE-2014-0329

The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the password...

Hardcoded credentials

The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for attackers to obtain unspecified login acce...

CVE-2013-6034

CVE-2013-6034 involves firmware in multiple satellite terminals (Harris BGAN RF-7800B-VU204/DU204; Hughes NOC 9201/9450/9502; Thuraya IP; Inmarsat; Japan Radio JUE-250/JUE-500) with hardcoded login credentials (CWE-798) and an insecure proprietary protocol exposed on TCP port 1827. The CERT/CC no...

CVE-2013-6034

The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for attackers to obtain unspecified login acce...

CVE-2014-0329

The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the password...

CVE-2014-0329

The CVE-2014-0329 issue affects ZTE ZXV10 W300 router (v2.1.0) where the TELNET service exposes a hard-coded admin password ending in “airocon,” with the first four characters derived from the device MAC. Remote attackers can gain administrator access using this credential, as documented in multi...

ZTE ZXV10 W300 router contains hardcoded credentials

Overview ZTE ZXV10 W300 router version 2.1.0, and possibly earlier versions, contains hardcoded credentials. CWE-798 Description ZTE ZXV10 W300 router contains hardcoded credentials that are useable for the telnet service on the device. The username is "admin" and the password is "XXXXairocon"...

Hughes Network Systems Broadband Global Area Network (BGAN) satellite terminal firmware contains multiple vulnerabilities

Overview Firmware developed by Hughes Network Systems used in a number of BGAN satellite terminals contains undocumented hardcoded login credentials CWE-798. Additionally, the firmware contains an insecure proprietary communications protocol, likely a debugging service, that allows unauthenticate...

CVE-2013-7248

Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSAREQUEST...

Hardcoded credentials

Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSAREQUEST...

CVE-2013-7248

The CVE-2013-7248 issue in Franklin Fueling Systems TS-550 evo affects firmware 2.0.0.6833 and earlier than 2.4.0, due to a hardcoded password for the roleDiag account that enables remote root access via cmdWebCheckRole in TSA_REQUEST. Trustwave SpiderLabs’ advisory TWSL2014-001 documents the roo...

CVE-2013-7248

Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSAREQUEST...

Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities

Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities Trustwave's SpiderLabs Security Advisory TWSL2014-001: Multiple Vulnerabilities in Franklin Fueling's TS-550 evo Published: 01/03/2014 Version: 1.0 Vendor: Franklin Fueling Systems http://www.franklinfueling.com/ Product: TS-550 ev...

Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Trustwave's SpiderLabs Security Advisory TWSL2014-001: Multiple Vulnerabilities in Franklin Fueling's TS-550 evo Published: 01/03/2014 Version: 1.0 Vendor: Franklin Fueling Systems http://www.franklinfueling.com/ Product: TS-550 evo devic...

Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities

Trustwave's SpiderLabs Security Advisory TWSL2014-001: Multiple Vulnerabilities in Franklin Fueling's TS-550 evo Published: 01/03/2014 Version: 1.0 Vendor: Franklin Fueling Systems http://www.franklinfueling.com/ Product: TS-550 evo device Version affected: Firmware 2.0.0.6833 confirmed. Affects...

Hardcoded credentials

Multiple unspecified vulnerabilities in the MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls allow remote attackers to execute arbitrary code via a crafted HTML document...

Stem Innovation IZON Hardcoded Password Vulnerability

Stem Innovation's IZON IP camera has hard-coded passwords that can be leveraged via both telnetd and httpd. Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - email protected I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’...

Stem Innovation IZON Hardcoded Password

Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’ utilizes numerous hard-coded credentials within its Linux distribution and also the hidden web...

Hardcoded credentials

Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a...