10 matches found
EUVD-2026-9375
The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...
CVE-2026-29120
The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...
CVE-2025-44649
In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchagemode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security...
PT-2025-30306 · Trendnet · Trendnet Tew-Wlc100P
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-WLC100P version 2.03b03 Description: The configuration of racoon within the device sets the exchage mode to aggressive. Utilizing aggressive mode in IKE Phase 1 results in the exposure of identity information in plaintext, making...
DEBIAN-CVE-2022-41859
In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...
UBUNTU-CVE-2022-41859
In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...
CVE-2022-22496
While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942...
PT-2022-11522 · Ping Identity · Pingid Windows Login
Name of the Vulnerable Software and Affected Versions: PingID Windows Login versions prior to 2.7 Description: A misconfiguration of RSA in PingID Windows Login is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass. Recommendations: For versions prior to 2.7, update t...
CVE-2018-5389
It was found that IKEv1 and potentially IKEv2 authentication when using a pre-shared key PSK is vulnerable to offline dictionary attacks in Main Mode as well as in Aggressive Mode. A man-in-the-middle attacker who intercepted the handshake of two peers authenticating with a PSK, could apply a...
Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password
🔥 Breaking — It has been close to just one year since the launch of next-generation Wi-Fi security standard WPA3 and researchers have unveiled several serious vulnerabilities in the wireless security protocol that could allow attackers to recover the password of the Wi-Fi network. WPA, or Wi-Fi...