276 matches found
CVE-2026-6284
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
CVE-2026-6284
CVE-2026-6284 affects Horner Automation PLC products (Cscape software and XL4/XL7 XL-series PLCs). Vulnerability stems from weak password requirements: limited password complexity and no input-rate limits enable network-auth brute-forcing to gain unauthorized access to systems and services. Attac...
CVE-2026-33771
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...
EUVD-2026-21193
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...
CVE-2026-33771
CVE-2026-33771 affects Juniper CTP OS (CTP OS) and its password management function, where password complexity requirements configured in the admin menu are not saved, allowing weak passwords. This could enable an unauthenticated, network-based attacker to exploit weak local passwords and potenti...
CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...
CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...
CVE-2026-33771
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...
Weak Password Requirements
Overview @openclaw/synology-chat is a Synology Chat channel plugin for OpenClaw Affected versions of this package are vulnerable to Weak Password Requirements due to insufficient rate limiting in the webhook authentication process. An attacker can repeatedly guess weak webhook tokens by sending...
Weak Password Requirements
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Weak Password Requirements in the authentication process for Telegram webhooks due to missing rate limiting on secret guesses. An attacker can repeatedly attempt to guess weak secrets by...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the authentication and session management process. An attacker can gain unauthorized access to user accounts and maintain persistent access even after a password change by exploiting weak password...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the authentication and session management process. An attacker can gain unauthorized access to user accounts and maintain persistent access even after a password change by exploiting weak password...
CVE-2026-25715 Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements
The web management interface of the device allows the administrator username and password to be set to blank values. Once applied, the device permits authentication with empty credentials over the web management interface and Telnet service. This effectively disables authentication across all...
CVE-2026-1408
A weakness has been identified in Beetel 777VR1 up to 01.00.09/01.00.0955. This vulnerability affects unknown code of the component UART Interface. Executing a manipulation can lead to weak password requirements. The physical device can be targeted for the attack. The attack requires a high level...
CVE-2022-35143
Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks...
CVE-2019-18872
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords e.g., 1 or 1234...
CVE-2020-7519
A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to compromise a user account...
CVE-2023-4125
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0...
CVE-2023-40707
There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials...