EUVD-2026-9375

The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...

CVE-2026-29120

Technical details beyond what’s in the Initial Description are not publicly provided in the connected documents. Monitor for updates to the CVE-2026-29120 entry as new disclosures may clarify affected components, impact, or remediation.

EUVD-2024-25232

Malicious code in bioql PyPI...

Unspecified Vulnerability in Tenda CP3 Pro

Tenda CP3 Pro is a smart wireless PTZ camera that combines 360° panoramic surveillance, 3MP HD camera, and Wi-Fi 6 network technology, and supports human/pet detection, cry detection, and one-button calling. Tenda CP3 Pro suffers from a security vulnerability that originates from the presence of ...

Tenda CP3 Pro 安全漏洞

Tenda CP3 Pro is a smart wireless PTZ camera that combines 360° panoramic surveillance, 3MP HD camera, and Wi-Fi 6 network technology, and supports human/pet detection, cry detection, and one-button calling. Tenda CP3 Pro suffers from a security vulnerability that originates from the presence of ...

CVE-2024-28065

In Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and contain sensitive information such as the root password hash...

CVE-2024-28065

In Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and contain sensitive information such as the root password hash...

CVE-2024-28065

CVE-2024-28065 affects Unify CP IP Phone firmware 1.10.4.3. The issue arises because files are not encrypted and contain sensitive data such as the root password hash. CVSS 3.1 vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N, base score 5.9 (Medium). Exploitation status is not provided in the documen...

CVE-2024-28065

In Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and contain sensitive information such as the root password hash...

CVE-2024-28065

In Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and contain sensitive information such as the root password hash...

CVE-2023-40463

When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and earlier store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access...

CVE-2023-40463 Use of Hard-Coded Credentials

When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and earlier store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access...

Juniper SRX Firewall / EX Switch Remote Code Execution Exploit

This Metasploit module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices running FreeBSD and every FreeBSD process can access their stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP...

Juniper SRX Firewall / EX Switch Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'unixcrypt' require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule 'Junos OS PHPRC Environment Variable Manipulation RCE', 'Description' = %q...

Junos OS PHPRC Environment Variable Manipulation RCE

This module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices run FreeBSD and every FreeBSD process can access their stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP features. The...

CVE-2023-33920

A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05, CP-8050 MASTER MODULE All versions CPCI85 V05. The affected devices contain the hash of the root password in a hard-coded form, which could be exploited for UART console login to the device. An attacker with...

Barco wePresent WiPG-1600W 信任管理问题漏洞

The Barco wePresent WiPG-1600W is a management device for conference environments from Barco Belgium. A security vulnerability exists in Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19, which stems from the inclusion of a hard-coded root password hash in the firmware...

Barco wePresent WiPG-1600W Security Vulnerability

Barco Barco wePresent WiPG-1600W is a management device for conference environments from Barco Belgium. A security vulnerability exists in the Barco wePresent WiPG-1600W that originates from the inclusion of a hard-coded root password hash in the firmware image and affects the following products...

360 Wireless IP Camera is vulnerable (CNVD-2018-06852)

360 Wireless IP Camera is a webcam product from China's Qihoo 360 Qihu 360. A security vulnerability exists in the 360 Wireless IP Camera, which originates from the root account using a known SHA-512 password hash. The vulnerability can be exploited by a remote attacker to gain administrative...

CVE-2014-2534

/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow...