The vulnerability of the Segnetics SMConfig system configuration tool, which stems from the use of pre-installed credentials, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Segnetics SMConfig system configuration tool is related to the use of pre-installed credentials. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information by sending a specially...

The vulnerability of the microprogramming software of Moxa EDS-P510 allows a malicious individual to gain access to applications via the Telnet protocol.

The vulnerability of Moxa EDS-P510 microcontroller-based software is related to the use of pre-installed credentials. Exploiting this vulnerability can allow an attacker to remotely access applications via Telnet, in order to execute commands or modify settings...

The vulnerability of the file /squashfs-root/web_cste/cgi-bin/product.ini of the TOTOLink T10 router microprogramming software allows a intruder to gain unauthorized access to the Telnet service.

The vulnerability of the file /squashfs-root/webcste/cgi-bin/product.ini of the TOTOLink T10 microprogramming router software is related to the use of pre-installed credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the Telnet service...

PT-2024-7251 · Скуд Gate · Скуд Gate

Name of the Vulnerable Software and Affected Versions: СКУД Gate affected versions not specified Description: The issue is related to the presence of pre-installed credentials in the software. Exploitation of this issue may allow a remote attacker to elevate their privileges within the system and...

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 allows a attacker to execute arbitrary operating system commands with root privileges.

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 is related to the use of pre-installed credentials due to incorrect processing of the MAC address sequence. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating syste...

The vulnerability of the software platform for remote management of endpoints, backup, and virtualization in Acronis Cyber Infrastructure (ACI) arises from the use of pre-installed credentials. This allows a malicious actor to execute arbitrary code.

The vulnerability of the software platform for remote control of endpoints, backup copies, and virtualization in Acronis Cyber Infrastructure ACI lies in the use of pre-installed credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the MICROprogramming software for the SIMATIC CN 4100 communication gateway, which stems from the use of pre-installed user credentials, allows a malicious actor to gain unauthorized access to the device with root user privileges.

The vulnerability of the MICROprogramming software used in the SIMATIC CN 4100 communication gateway lies in the use of pre-installed user credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the device with root privileges...

The vulnerability of the LaborOfficeFree software for managing shift scheduling and working hours, which stems from the use of pre-installed database records, allows a perpetrator to gain unauthorized access to the application’s backup database.

The vulnerability of the executable files LOFservice.exe and LaborOfficeFree.exe of the LaborOfficeFree software for workforce management and time tracking involves the use of pre-installed database credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

The vulnerability of the microprogramming software of the SIMATIC CN 4100 communication gateway, related to the use of pre-installed credentials, allows a intruder to gain full access to the device.

The vulnerability of the MICROprogramming software used in the SIMATIC CN 4100 communication gateway lies in the use of pre-installed credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full access to the device...

The vulnerability of the Azure AI Search search engine, related to the use of pre-installed credentials, allows a perpetrator to disclose protected information.

The vulnerability of the Azure AI Search search engine is related to the use of pre-installed credentials. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by security measures...

PT-2024-2812 · Microsoft · Azure Ai Search

Name of the Vulnerable Software and Affected Versions: Azure AI Search affected versions not specified Description: The issue is related to the use of pre-installed credentials in Azure AI Search, which can be exploited to disclose protected information. Recommendations: At the moment, there is n...

The vulnerability of the microprogramming software for UniLogic Studio series UniStream-controlled programmable logic controllers, related to the use of pre-installed credentials, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the microprogramming software for UniLogic Studio series UniStream controllers is related to the use of pre-installed credentials. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

PT-2024-2275 · Unitronics · Unistream +2

Name of the Vulnerable Software and Affected Versions: Unitronics Unistream Unilogic versions prior to 1.35.227 Description: The issue is related to the use of hard-coded passwords, which may allow an attacker to disclose sensitive information embedded inside the device's firmware. This could...

The vulnerability of Schneider Electric EcoStruxure IT Gateway’s software for communicating with controlled devices stems from the use of pre-installed credentials. This allows a perpetrator to escalate their privileges.

The vulnerability of Schneider Electric EcoStruxure IT Gateway software for communication with controlled devices is related to the use of pre-installed credentials. Exploiting this vulnerability can allow attackers to enhance their privileges...

PT-2024-1621 · Unknown · Location Intelligence Sus Non-Prod +7

Name of the Vulnerable Software and Affected Versions: Location Intelligence Perpetual Large versions prior to V4.3 Location Intelligence Perpetual Medium versions prior to V4.3 Location Intelligence Perpetual Non-Prod versions prior to V4.3 Location Intelligence Perpetual Small versions prior to...

The vulnerability of the ACEManager component in the ALEOS operating system of Sierra Wireless’ wireless routers—MP70, RV50x, RV55, LX40, LX60 ES450, GX450—allows a hacker to cause service interruptions.

The vulnerability of the ACEManager component in the ALEOS operating system for wireless routers from Sierra Wireless—such as the MP70, RV50x, RV55, LX40, LX60 ES450, and GX450 models—is related to pre-installed credentials due to the use of the assert function or similar operators. Exploiting th...

The vulnerability of the InstallApplication class in the D-View 8 network device management platform allows a perpetrator to bypass authentication.

The vulnerability of the InstallApplication class in the D-View 8 network device management platform is related to the use of pre-installed credentials. Exploiting this vulnerability allows a remote attacker to bypass authentication processes...

The vulnerability of the microprogrammed Wi-Fi router software from Juplink RX4-1500, related to the use of pre-installed credentials, allows a hacker to escalate their privileges.

The vulnerability of the microprogrammed Wi-Fi router software from Juplink RX4-1500 lies in the use of pre-set login credentials. Exploiting this vulnerability allows a remote attacker to enhance their privileges by connecting through a web interface or Telnet service...

The vulnerability of the Google Maps API Super Store Finder software lies in its use of pre-installed credentials, allowing a hacker to gain access to the administration panel.

The vulnerability of the Google Maps API Super Store Finder integration tool is related to the use of pre-installed credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the administration panel remotely...

The vulnerability of the client-server application for managing power supply sources in RCCMD, related to the use of pre-installed credentials, allows a perpetrator to execute arbitrary code or gain full control over the application.

The vulnerability of the client-server application for managing power supply sources in RCCMD is related to the use of pre-installed credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or gain full control over the application...