85 matches found
CVE-2025-15622
The CVE-2025-15622 vectors/auth flow involve Sparx Systems Pty Ltd. Sparx Enterprise Architect desktop client exposing a plaintext OAuth2 client secret, which the client decodes and uses to exchange for access and ID tokens in the OpenID authentication flow. This is described as an Insufficiently...
CVE-2026-32842
Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username...
EUVD-2026-12655
Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username...
CVE-2026-32842 Edimax GS-5008PL <= 1.00.54 Admin Credentials Stored in Cleartext
Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username...
CVE-2026-32842
Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username...
Edimax GS-5008PL 安全漏洞
The Edimax GS-5008PL is a Gigabit Ethernet switch produced by Edimax of Taiwan, China. Versions of the Edimax GS-5008PL prior to 1.00.54 contained security vulnerabilities. These vulnerabilities stemmed from insecure credential storage, allowing attackers to obtain administrator credentials by...
PT-2026-25948
Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username...
CVE-2024-55027
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...
Insufficiently Protected Credentials
Overview rdsai-cli is an AI-powered CLI tool for Relation database management and analysis Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to insecure local storage of sensitive credentials. An attacker can exploit this by accessing the configuration...
📄 Netbus Backdoor 1.7 Remote Code Execution
Netbus Backdoor version 1.7 Metasploit module that leverages an insecure credential storage vulnerability that then performs command injection. ============================================================================================================================================= | Title :...
📄 Backdoor.Win32.ControlTotal.t MVID-2025-0702 Insecure Credential Storage
Backdoor.Win32.ControlTotal.t malware listens on TCP port 2032 and requires authentication. The password "jdf4df4vdf" is stored in cleartext within the PE file. Discovery / credits: Malvuln John Page aka hyp3rlinx c 2025 Original source:...
EUVD-2019-13346
Malware in sbrugna...
EUVD-2021-15892
Malware in sbrugna...
EUVD-2022-31492
Malicious code in bioql PyPI...
EUVD-2023-41301
Malicious code in bioql PyPI...
EUVD-2023-28111
Malicious code in bioql PyPI...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
Ubuntu Touch Security VAPT Report Welcome to the Ubuntu Touch...
CVE-2023-24047
An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of weak hashing algorithm...
CVE-2021-29253
The Tableau integration in RSA Archer 6.4 P1 6.4.0.1 through 6.9 P2 6.9.0.2 is affected by an insecure credential storage vulnerability. An malicious attacker with access to the Tableau workbook file may obtain access to credential information to use it in further attacks...
Intelbras InControl 安全漏洞
Intelbras InControl is an access control management software from Intelbras that allows users to easily manage any ingress and egress traffic using access control devices. A security vulnerability exists in Intelbras InControl version 2.21.59 and earlier, which stems from improper handling of...