25 matches found
EUVD-2020-4061
Malware in sbrugna...
EUVD-2020-4062
Malware in sbrugna...
EUVD-2020-4060
Malware in sbrugna...
CVE-2020-8995
Programi Bilanc Build 007 Release 014 31.01.2020 supplies a .exe file containing several hardcoded credentials to different servers that allow remote attackers to gain access to the complete infrastructure including the website, update server, and external issue tracking tools...
CVE-2020-11720
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password...
CVE-2020-11719
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key...
CVE-2020-11718
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP...
CVE-2020-11719
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key...
CVE-2020-11720
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password...
CVE-2020-11718
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP...
CVE-2020-11720
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password...
CVE-2020-11718
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP...
Default credentials
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password...
CVE-2020-11719
Technical details about CVE-2020-11719 are not publicly available in the provided documents; monitor for updates.
CVE-2020-11719
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key...
CVE-2020-11720
CVE-2020-11720 affects Programi Bilanc, build 007 release 014 (31.01.2020) and possibly earlier. The issue is a default admin credential: during installation it creates an administrator account with username admin and password 0000, and the process does not prompt users to change it afterward. Th...
CVE-2020-11720
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password...
CVE-2020-11718
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP...
CVE-2020-11718
CVE-2020-11718 affects Programi Bilanc build 007 release 014 (and earlier). The issue is that software-update packages are downloaded via cleartext HTTP, exposing update delivery to eavesdropping or tampering. NVD attributes a CVSS‑2 base score of 5.8 (PARTIAL confidentiality and integrity impact...
CVE-2020-8995
Programi Bilanc Build 007 Release 014 31.01.2020 supplies a .exe file containing several hardcoded credentials to different servers that allow remote attackers to gain access to the complete infrastructure including the website, update server, and external issue tracking tools...