Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:32 a.m.18 views

CVE-2024-39374

TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account that can be accessed through the use of hard-coded credentials...

9.8CVSS6.8AI score0.00524EPSS
Exploits1References1
OSV
OSV
added 2024/06/27 4:15 p.m.4 views

CVE-2024-39374

TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account that can be accessed through the use of hard-coded credentials...

9.8CVSS5.8AI score0.00524EPSS
Exploits1References1
NVD
NVD
added 2024/06/27 4:15 p.m.37 views

CVE-2024-39374

TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account that can be accessed through the use of hard-coded credentials...

9.8CVSS0.00524EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/06/27 4:3 p.m.19 views

CVE-2024-39374 Use of Hard-coded Credentials in TELSAT marKoni FM Transmitter

TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account that can be accessed through the use of hard-coded credentials...

9.3CVSS6.8AI score0.00524EPSS
Exploits1References1
CVE
CVE
added 2024/06/27 4:3 p.m.62 views

CVE-2024-39374

CVE-2024-39374 affects TELSAT marKoni FM Transmitters (Markoni-D/Compact and Markoni-DH/Exciter+Amplifiers; affected versions prior to 2.0.1). Root cause: a hidden admin account accessible via hard-coded credentials, enabling an attacker to gain administrative access without authentication. Publi...

9.8CVSS9.5AI score0.00524EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/27 12:0 a.m.4 views

PT-2024-28475 · Telsat · Telsat Markoni Fm Transmitters

Name of the Vulnerable Software and Affected Versions: TELSAT marKoni FM Transmitters affected versions not specified Description: The issue concerns a hidden admin account in TELSAT marKoni FM Transmitters that can be accessed using hard-coded credentials, allowing an attacker to exploit this...

9.8CVSS6.8AI score0.00524EPSS
Exploits1References5
NVD
NVD
added 2024/05/30 3:15 a.m.14 views

CVE-2024-5514

MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without bei...

9.8CVSS9.7AI score0.00653EPSS
Exploits0References4
CVE
CVE
added 2024/05/30 2:14 a.m.85 views

CVE-2024-5514

CVE-2024-5514 affects MinMax CMS by MinMax Digital Technology and involves a hidden administrative account with a fixed password that cannot be removed or disabled via the management interface. This allows remote attackers to bypass IP-based access controls and log in to the backend without being...

9.8CVSS9.7AI score0.00653EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.5 views

PT-2024-3984 · Unknown · Minmax Cms

Name of the Vulnerable Software and Affected Versions: MinMax CMS affected versions not specified Description: The issue is related to a hidden administrator account with a fixed password in MinMax CMS. This account cannot be removed or disabled from the management interface, allowing remote...

9.8CVSS7.5AI score0.00653EPSS
Exploits0References11
OSV
OSV
added 2023/03/28 9:15 p.m.2 views

CVE-2023-28654

Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded password that allows full access to the web management interface configuration. The user is not visible in Usernames and Passwords menu list of the application and the password cannot be changed through...

9.8CVSS7.3AI score0.00771EPSS
Exploits1References1
NVD
NVD
added 2023/03/28 9:15 p.m.17 views

CVE-2023-28654

Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded password that allows full access to the web management interface configuration. The user is not visible in Usernames and Passwords menu list of the application and the password cannot be changed through...

9.8CVSS9.6AI score0.00771EPSS
Exploits1References1
CVE
CVE
added 2023/03/28 8:3 p.m.67 views

CVE-2023-28654

CVE-2023-28654 affects the Osprey Pump Controller, version 1.01. A hidden administrative account with a hardcoded password exists, not visible in the usernames/passwords list, and cannot be changed through normal operation. The backdoor is in Mirage_ValidateSessionCode.x, allowing full access to ...

9.8CVSS9.6AI score0.00771EPSS
Exploits1References1Affected Software1
Hacker One
Hacker One
added 2022/06/10 8:27 a.m.20 views

Reddit: Admin can create a hidden admin account which even the owner can not detect and remove and do administrative actions on the application.

ads.reddit.com is an ads creating and managing application for reddit. The application has the feature to invite other members to the organization and give different roles at ad management. Testing around the role management functionalities, I have noticed that a user with the same email can get...

0.6AI score
Exploits0
OSV
OSV
added 2019/12/02 5:15 p.m.4 views

CVE-2019-19021

An issue was discovered in TitanHQ WebTitan before 5.18. It has a hidden support account with a hard-coded password in the web administration interface, with administrator privileges. Anybody can log in with this account...

9.8CVSS7.3AI score0.01425EPSS
Exploits1References2
Rows per page
Query Builder