Samsung Printer firmware contains a hardcoded SNMP community string

Overview Samsung printers contain a hardcoded SNMP community string that could allow a remote attacker to take control of an affected device. Description Samsung printers as well as some Dell printers manufactured by Samsung contain a hardcoded SNMP full read-write community string that remains...

Symantec Messaging Gateway Default SSH Password (CVE-2012-3579)

A design weakness vulnerability has been reported in Symantec Messaging Gateway. The vulnerability is due to hardcoded default credentials usage. A remote attacker could exploit this vulnerability by logging-in to the administration console, thus gaining partial access to the configuration of the...

CVE-2012-5862

These Sinapsi devices store hard-coded passwords in the PHP file of the device. By using the hard-coded passwords in the device, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access...

PT-2012-6158 · Sinapsi +1 · Sinapsi Esolar Light Photovoltaic System Monitor +3

Name of the Vulnerable Software and Affected Versions: Sinapsi eSolar Light Photovoltaic System Monitor aka Schneider Electric Ezylog photovoltaic SCADA management server versions prior to 2.0.2870 2.2.12 Sinapsi eSolar versions prior to 2.0.2870 2.2.12 Sinapsi eSolar DUO versions prior to 2.0.28...

Novell ZENworks Asset Management rtrlet Component GetFile_Password Method Hardcoded Credentials Information Disclosure

The remote host has a version of Novell ZENworks Asset Management that is affected by an arbitrary information disclosure vulnerability. The 'GetFilePassword' maintenance call in '/rtrlet/rtr' is protected by a set of known, hard-coded credentials. This maintenance call can be utilized by an...

Hardcoded credentials

The rtrlet web application in the Web Console in Novell ZENworks Asset Management ZAM 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the 1 GetFilePassword and 2 GetConfigInfoPassword operations, which allows remote attackers to obtain sensitive information via a...

RuggedCom RuggedOS Known Hardcoded SSL RSA Private Key

Binary data scadaruggedosknownsslprivatekey.nbin...

Novell ZENworks Asset Management 7.5 Configuration Access

This module exploits a hardcoded user and password for the GetConfig maintenance task in Novell ZENworks Asset Management 7.5. The vulnerability exists in the Web Console and can be triggered by sending a specially crafted request to the rtrlet component, allowing a remote unauthenticated user to...

Magnum MNS-6K Hardcoded Admin Account

Binary data scadagarrettcomhardcodedpassword.nbin...

Hard-Coded Password Leaves GarrettCom Switches Open to Attack, ICS-CERT Warns

The Department of Homeland Security is warning users of some of GarrettCom’s switches that there is a hard-coded password in a default account on the devices, which are deployed in a number of critical infrastructure industries, that could allow an attacker to take control of them. A researcher a...

CVE-2012-3014

The Management Software application in GarrettCom Magnum MNS-6K before 4.4.0, and 14.x before 14.4.0, has a hardcoded password for an administrative account, which allows local users to gain privileges via unspecified vectors...

Hardcoded credentials

The Management Software application in GarrettCom Magnum MNS-6K before 4.4.0, and 14.x before 14.4.0, has a hardcoded password for an administrative account, which allows local users to gain privileges via unspecified vectors...

CVE-2012-3014

The CVE-2012-3014 entry concerns GarrettCom Magnum MNS-6K Management Software that uses a hardcoded administrative password. Affected versions are MNS-6K prior to 4.4.0 and 14.x prior to 14.4.0. Root cause: undocumented hardcoded credential enabling privilege escalation to administrative level fo...

CVE-2012-3014

The Management Software application in GarrettCom Magnum MNS-6K before 4.4.0, and 14.x before 14.4.0, has a hardcoded password for an administrative account, which allows local users to gain privileges via unspecified vectors...

Hardcoded credentials

The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a 1 symlink or 2 hard link, a different vulnerability than CVE-2012-3485...

Hardcoded credentials

The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.120741313, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a client machine, and...

Apache Tomcat Manager/Host Manager/Server Status Default/Hardcoded Credentials (HTTP)

The Apache Tomcat Manager/Host Manager/Server Status is using default or known hardcoded credentials. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2012-4577

The Linux firmware image on 1 Korenix Jetport 5600 series serial-device servers and 2 ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session...

Hardcoded credentials

The Linux firmware image on 1 Korenix Jetport 5600 series serial-device servers and 2 ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session...

CVE-2012-4577

The Linux firmware image on 1 Korenix Jetport 5600 series serial-device servers and 2 ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session...