12 matches found
CVE-2025-54303
The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default...
CVE-2025-53963
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin, and a password change policy for the root account is not enforced. Thus, an attacker with netwo...
CVE-2025-54303
The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default...
CVE-2025-54303
The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default...
CVE-2025-54305
An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares included in this application, LocalhostAuthMiddleware, authenticates users as ionadmin if the REMOTEADDR property in request.META is set to 127.0.0.1, to 127.0.1.1, or to ::1. Any user wit...
CVE-2025-54305
CVE-2025-54305 affects Thermo Fisher Torrent Suite Django application version 5.18.1. The LocalhostAuthMiddleware authenticates users as ionadmin when request.META[REMOTE_ADDR] is 127.0.0.1, 127.0.1.1, or ::1, allowing any user with local server access to bypass authentication. Documented impact ...
CVE-2025-54303
The CVE-2025-54303 entry concerns Thermo Fisher Torrent Suite Django application 5.18.1 with weak default credentials stored as Django ORM fixtures. The ionadmin account can authenticate to default deployments using the password ionadmin, and there is no enforced policy to require changing defaul...
EUVD-2025-201178
An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares included in this application, LocalhostAuthMiddleware, authenticates users as ionadmin if the REMOTEADDR property in request.META is set to 127.0.0.1, to 127.0.1.1, or to ::1. Any user wit...
EUVD-2025-201180
The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default...
Thermo Fisher Ion Torrent OneTouch 2 安全漏洞
The Thermo Fisher Ion Torrent OneTouch 2 is a fully automated sequencing template preparation instrument from Thermo Fisher, USA. A security vulnerability exists in Thermo Fisher Ion Torrent OneTouch 2 version INS1005527, which stems from the root account using a weak default password, ionadmin,...
PT-2025-49040
Name of the Vulnerable Software and Affected Versions Thermo Fisher Torrent Suite Django application version 5.18.1 Description The application uses weak default credentials that are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default...
EUVD-2025-201181
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin, and a password change policy for the root account is not enforced. Thus, an attacker with netwo...