Lucene search
K

276 matches found

NVD
NVD
added 2026/04/17 4:17 p.m.6 views

CVE-2026-6284

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

9.3CVSS0.00449EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/17 3:14 p.m.28 views

CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

9.3CVSS0.00449EPSS
Exploits0References3
CVE
CVE
added 2026/04/17 3:14 p.m.27 views

CVE-2026-6284

CVE-2026-6284 affects Horner Automation PLC products (Cscape software and XL4/XL7 XL-series PLCs). Vulnerability stems from weak password requirements: limited password complexity and no input-rate limits enable network-auth brute-forcing to gain unauthorized access to systems and services. Attac...

9.3CVSS5.7AI score0.00449EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.4 views

CVE-2026-33771

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS5.7AI score0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 12:30 a.m.3 views

EUVD-2026-21193

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS5.8AI score0.00245EPSS
Exploits0References2
CVE
CVE
added 2026/04/09 9:33 p.m.24 views

CVE-2026-33771

CVE-2026-33771 affects Juniper CTP OS (CTP OS) and its password management function, where password complexity requirements configured in the admin menu are not saved, allowing weak passwords. This could enable an unauthenticated, network-based attacker to exploit weak local passwords and potenti...

9.1CVSS5.8AI score0.00245EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/09 9:33 p.m.3 views

CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS5.7AI score0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/09 9:33 p.m.17 views

CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS0.00245EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:33 p.m.2 views

CVE-2026-33771

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS5.8AI score0.00245EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/03/29 3:50 p.m.6 views

Weak Password Requirements

Overview @openclaw/synology-chat is a Synology Chat channel plugin for OpenClaw Affected versions of this package are vulnerable to Weak Password Requirements due to insufficient rate limiting in the webhook authentication process. An attacker can repeatedly guess weak webhook tokens by sending...

6.9CVSS5.9AI score0.00244EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/27 10:37 p.m.4 views

Weak Password Requirements

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Weak Password Requirements in the authentication process for Telegram webhooks due to missing rate limiting on secret guesses. An attacker can repeatedly attempt to guess weak secrets by...

6.5CVSS5.9AI score0.00287EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/25 10:2 p.m.4 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the authentication and session management process. An attacker can gain unauthorized access to user accounts and maintain persistent access even after a password change by exploiting weak password...

9.3CVSS6AI score0.00428EPSS
Exploits1References3
Snyk
Snyk
added 2026/02/25 10:2 p.m.3 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the authentication and session management process. An attacker can gain unauthorized access to user accounts and maintain persistent access even after a password change by exploiting weak password...

9.3CVSS6AI score0.00428EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/20 3:56 p.m.21 views

CVE-2026-25715 Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements

The web management interface of the device allows the administrator username and password to be set to blank values. Once applied, the device permits authentication with empty credentials over the web management interface and Telnet service. This effectively disables authentication across all...

9.8CVSS0.0057EPSS
Exploits0References2
NVD
NVD
added 2026/01/25 11:15 p.m.11 views

CVE-2026-1408

A weakness has been identified in Beetel 777VR1 up to 01.00.09/01.00.0955. This vulnerability affects unknown code of the component UART Interface. Executing a manipulation can lead to weak password requirements. The physical device can be targeted for the attack. The attack requires a high level...

4.2CVSS0.00278EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 10:40 a.m.10 views

CVE-2022-35143

Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks...

9.8CVSS6.9AI score0.01293EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:18 a.m.8 views

CVE-2019-18872

Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords e.g., 1 or 1234...

7.5CVSS7.1AI score0.00921EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.7 views

CVE-2020-7519

A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to compromise a user account...

7.5CVSS6.8AI score0.01252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.9 views

CVE-2023-4125

Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0...

8.8CVSS6.8AI score0.00732EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:56 a.m.9 views

CVE-2023-40707

There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials...

8.6CVSS7.1AI score0.00468EPSS
Exploits0References1
Rows per page
Query Builder