7546 matches found
Hardcoded credentials
The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...
Hardcoded credentials
An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 uses a hardcoded encryption key, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere...
CVE-2013-0694
CVE-2013-0694 concerns hardcoded credentials in ROMs of Emerson ROC800 RTU family: ROC800 (v3.50 and earlier), DL8000 (v2.30 and earlier), and ROC800L (v1.20 and earlier). The underlying flaw enables remote attackers to obtain a shell on the OS by exploiting ROM contents known from a device insta...
CVE-2013-0694
The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...
PT-2013-1294 · D Link · Dsr-500N +6
Name of the Vulnerable Software and Affected Versions: D-Link DSR-150 versions prior to 1.08B44 D-Link DSR-150N versions prior to 1.05B64 D-Link DSR-250 versions prior to 1.08B44 D-Link DSR-250N versions prior to 1.08B44 D-Link DSR-500 versions prior to 1.08B77 D-Link DSR-500N versions prior to...
CVE-2012-4088
The FTP server in Cisco Unified Computing System UCS has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769...
Hardcoded credentials
The FTP server in Cisco Unified Computing System UCS has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769...
CVE-2012-4088
The FTP server in Cisco Unified Computing System UCS has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769...
CVE-2012-4088
Cisco UCS FTP server vulnerability (CVE-2012-4088) arises from an undocumented hard-coded password for an unspecified user account. An unauthenticated, adjacent attacker could read or modify files by exploiting this credential. Cisco’s advisory (CISCO-SA-20130927-CVE-2012-4088) confirms the issue...
Hardcoded credentials
Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 has a hardcoded password for node join operations, which allows remote attackers to expand a cluster by finding this password in the source code and then sending the password in a Hazelcast cluster API call, a different...
CVE-2013-5934
Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 has a hardcoded password for node join operations, which allows remote attackers to expand a cluster by finding this password in the source code and then sending the password in a Hazelcast cluster API call, a different...
CVE-2013-5934
Open-Xchange AppSuite suffers CVE-2013-5934: the Hazelcast cluster API on Open-Xchange AppSuite 7.0.x (before 7.0.2-rev15) and 7.2.x (before 7.2.2-rev16) contains a hardcoded password used for node joining. This enables remote attackers to expand the cluster by locating the password in the source...
CVE-2012-4074
The Board Management Controller BMC in the Serial over LAN SoL subsystem in Cisco Unified Computing System UCS relies on a hardcoded private key, which allows man-in-the-middle attackers to obtain sensitive information or modify the data stream by leveraging knowledge of this key, aka Bug ID...
Hardcoded credentials
The Board Management Controller BMC in the Serial over LAN SoL subsystem in Cisco Unified Computing System UCS relies on a hardcoded private key, which allows man-in-the-middle attackers to obtain sensitive information or modify the data stream by leveraging knowledge of this key, aka Bug ID...
CVE-2013-3612
Dahua DVR appliances have a hardcoded password for 1 the root account and 2 an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving a ActiveX, b a standalone client, or c unknown other vectors...
Hardcoded credentials
Dahua DVR appliances have a hardcoded password for 1 the root account and 2 an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving a ActiveX, b a standalone client, or c unknown other vectors...
CVE-2013-3612
Dahua DVR appliances have a hardcoded password for 1 the root account and 2 an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving a ActiveX, b a standalone client, or c unknown other vectors...
CVE-2013-3612
CVE-2013-3612 affects Dahua DVR appliances, where a hardcoded password exists for the root account and an unspecified backdoor account. This facilitates administrative access by remote attackers via authorization requests using (a) ActiveX, (b) a standalone client, or (c) other vectors. The Conne...
Linux/ARM creat("/root/pwned", 0777) shellcode 39 bytes
39 bytes small Linux/ARM creat"/root/pwned", 0777 shellcode. / Title : Linux/ARM - creat"/root/pwned", 0777 - 39 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x00. Cr0security.com / include...
Linux/ARM execve("/bin/sh", [], [0 vars]) shellcode 35 bytes
35 bytes small Linux/ARM execve"/bin/sh", , 0 vars shellcode. / Title : Linux/ARM - execve"/bin/sh", , 0 vars - 35 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x00. Cr0security.com / includ...