14 matches found
CVE-2024-39374
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account that can be accessed through the use of hard-coded credentials...
CVE-2024-39374
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account that can be accessed through the use of hard-coded credentials...
CVE-2024-39374
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account that can be accessed through the use of hard-coded credentials...
CVE-2024-39374 Use of Hard-coded Credentials in TELSAT marKoni FM Transmitter
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account that can be accessed through the use of hard-coded credentials...
CVE-2024-39374
CVE-2024-39374 affects TELSAT marKoni FM Transmitters (Markoni-D/Compact and Markoni-DH/Exciter+Amplifiers; affected versions prior to 2.0.1). Root cause: a hidden admin account accessible via hard-coded credentials, enabling an attacker to gain administrative access without authentication. Publi...
PT-2024-28475 · Telsat · Telsat Markoni Fm Transmitters
Name of the Vulnerable Software and Affected Versions: TELSAT marKoni FM Transmitters affected versions not specified Description: The issue concerns a hidden admin account in TELSAT marKoni FM Transmitters that can be accessed using hard-coded credentials, allowing an attacker to exploit this...
CVE-2024-5514
MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without bei...
CVE-2024-5514
CVE-2024-5514 affects MinMax CMS by MinMax Digital Technology and involves a hidden administrative account with a fixed password that cannot be removed or disabled via the management interface. This allows remote attackers to bypass IP-based access controls and log in to the backend without being...
PT-2024-3984 · Unknown · Minmax Cms
Name of the Vulnerable Software and Affected Versions: MinMax CMS affected versions not specified Description: The issue is related to a hidden administrator account with a fixed password in MinMax CMS. This account cannot be removed or disabled from the management interface, allowing remote...
CVE-2023-28654
Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded password that allows full access to the web management interface configuration. The user is not visible in Usernames and Passwords menu list of the application and the password cannot be changed through...
CVE-2023-28654
Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded password that allows full access to the web management interface configuration. The user is not visible in Usernames and Passwords menu list of the application and the password cannot be changed through...
CVE-2023-28654
CVE-2023-28654 affects the Osprey Pump Controller, version 1.01. A hidden administrative account with a hardcoded password exists, not visible in the usernames/passwords list, and cannot be changed through normal operation. The backdoor is in Mirage_ValidateSessionCode.x, allowing full access to ...
Reddit: Admin can create a hidden admin account which even the owner can not detect and remove and do administrative actions on the application.
ads.reddit.com is an ads creating and managing application for reddit. The application has the feature to invite other members to the organization and give different roles at ad management. Testing around the role management functionalities, I have noticed that a user with the same email can get...
CVE-2019-19021
An issue was discovered in TitanHQ WebTitan before 5.18. It has a hidden support account with a hard-coded password in the web administration interface, with administrator privileges. Anybody can log in with this account...