8 matches found
CVE-2026-36606
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...
EUVD-2022-27846
Malicious code in bioql PyPI...
CVE-2022-22703
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer...
CVE-2020-15023
Askey AP5100W devices through AP5100WDualSIG1.01.097 are affected by WPS PIN offline brute-force cracking. This arises because of issues with the random number selection for the Diffie-Hellman exchange. By capturing an attempted and even failed WPS authentication attempt, it is possible to brute...
CVE-2020-9462
An issue was discovered in all Athom Homey and Homey Pro devices up to the current version 4.2.0. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup. Upon success, the attacker is able to further...
CVE-2018-20956
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. NOTE: all affected customers were migrated by 2020-08-31...
CVE-2018-20956
CVE-2018-20956 affects Swann SWWHD-INTCAM-HD devices, where the pre-shared key (PSK) is left in logs after a factory reset. This is an information disclosure risk, as logged PSKs could be exposed to an attacker with access to device logs. The public descriptions consistently reference the issue a...
CVE-2018-20956
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. NOTE: all affected customers were migrated by 2020-08-31...