PT-2025-44802

Name of the Vulnerable Software and Affected Versions Deck Mate 2 affected versions not specified Description Deck Mate 2 is shipped with pre-set, unchanging credentials for both the root shell and the web user interface. Multiple management services, including SSH, HTTP, Telnet, SMB, and X11, ar...

The vulnerability of the management software for Keycloak’s identification and access controls is related to the use of pre-set user accounts. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Keycloak identity and access management software relates to the use of pre-set user credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of MicroLogix 1400 programmable logic controllers’ microprogramming software, related to resource management errors, allows attackers to gain access to the device.

The vulnerability of MicroLogix 1400 programmable logic controllers’ microprogramming software is related to resource management errors. Exploiting this vulnerability can allow an attacker to gain access to the device by using pre-set credentials...

The vulnerability of microprogrammed software in Nexx Garage Door Controllers (NXG-100B, NXG-200), Nexx Smart Plugs (NXPG-100W), and Nexx Smart Alarms (NXAL-100) arises from the use of pre-set credentials. This allows a intruder to gain unauthorized access to the MQ Telemetry Server (MQTT) server.

The vulnerability of microprogrammed software in Nexx Garage Door Controllers NXG-100B, NXG-200, Nexx Smart Plugs NXPG-100W, and Nexx Smart Alarms NXAL-100 lies in the use of pre-set credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the MQ Telemetry...

The vulnerability of InHand Networks InRouter302’s microprogramming software, related to the use of pre-installed credentials, allows a hacker to perform arbitrary actions.

The vulnerability of InHand Networks InRouter302 microprogramming software lies in the use of pre-set credentials. Exploiting this vulnerability allows a remote attacker to perform arbitrary actions...

The vulnerability of the /usr/local/sbin/webproject/set_param.cgi script in the Infiray IRAY-A8Z3 thermal imager software allows a intruder to escalate their privileges.

The vulnerability of the /usr/local/sbin/webproject/setparam.cgi file in the Infiray IRAY-A8Z3 thermal imager software is related to the use of pre-set user credentials. Exploiting this vulnerability could allow an attacker to gain increased privileges remotely...

The vulnerability of the PROFIBUS-Ethernet gateway Softing AG FG-100 PB lies in the use of pre-set credentials, allowing a intruder to gain access to the device with root privileges.

The vulnerability of the PROFIBUS-Ethernet gateway Softing AG FG-100 PB lies in the use of pre-set credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to the device with root privileges through a Telnet connection...

The vulnerability of the microprogrammed software of the Infinia Hawkeye 4 gamma camera, related to the use of pre-set credentials, allows a intruder to gain access to the device.

The vulnerability of the microprogrammed software of the Infinia Hawkeye 4 gamma camera is related to the use of pre-set credentials. Exploiting this vulnerability can allow a remote attacker to gain access to the device...

The vulnerability of NETGEAR Arlo base stations and NETGEAR Arlo Q/Arlo Q Plus wireless video cameras lies in the use of pre-installed credentials, which allows a intruder to gain access to the device.

The vulnerability of the microprogramming software used in NETGEAR Arlo base stations and wireless video surveillance cameras like NETGEAR Arlo Q and NETGEAR Arlo Q Plus lies in the use of preset login credentials password “12345678”. Exploiting this vulnerability could allow a malicious actor to...

The vulnerability of Zyxel Wi-Fi transponders lies in the use of pre-set credentials, which allows attackers to intercept DNS requests.

The vulnerability of the Zyxel Wi-Fi signal relay stems from the use of pre-set account credentials “root” and “admin” default password: 1234 during Telnet protocol connections. Exploiting this vulnerability allows a remote attacker to intercept DNS requests by reconfiguring the built-in...