CVE-2024-1345

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to perform a brute force attack and easily discover the root password...

CVE-2018-12260

An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices...

The vulnerability of microprogrammed switching equipment such as GigaOrion, GigaLynx, GigaPlus, and GigaPro, as well as external switching modules like Apex, ApexLynx, ApexOrion, StrataLink, and StrataPro, stems from the use of pre-installed user accounts. This allows attackers to gain access to the embedded operating system with administrator privileges.

The vulnerability of microprogrammed switching equipment such as GigaOrion, GigaLynx, GigaPlus, and GigaPro, as well as external switching modules like Apex, ApexLynx, ApexOrion, StrataLink, and StrataPro, stems from the use of a pre-installed root account password, which is stored publicly in th...

PT-2011-36: Insufficient authorization in Citrix XenServer Virtual Switch Controller

Positive Research Center has discovered an insufficient authorization in Citrix XenServer Virtual Switch Controller. Low privileged Read-Only users can change certain configuration parameters e.g. hostname and domain. Configuration snapshots that contain the entire system configuration including...