CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2022/08/29 12:15 a.m.•20 views

Hardcoded credentials

TOTOLINK A950RG V4.1.2cu.5204B20210112 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

4.3CVSS7.8AI score0.00056EPSS

CVE•added 2022/08/28 11:58 p.m.•43 views

CVE-2022-36615

CVE-2022-36615 affects TOTOLINK A3000RU v4.1.2cu.5185_B20201128, where a hardcoded root password exists in /etc/shadow.sample. Documented by NVD and Red Hat, the vulnerability enables local, high-impact compromise with root access if exploited. Connected sources confirm the device model and firmw...

CVE•added 2022/08/28 11:58 p.m.•66 views

CVE-2022-36614

CVE-2022-36614 affects TOTOLINK A860R, specifically V4.1.2cu.5182_B20201027, which is disclosed to contain a hardcoded root password in /etc/shadow.sample. The available connected documents confirm the affected product and the root-cause (hardcoded credential) but do not provide a documented fix/...

Cvelist•added 2022/08/28 11:58 p.m.•19 views

CVE-2022-36614

TOTOLINK A860R V4.1.2cu.5182B20201027 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

CVE•added 2022/08/28 11:58 p.m.•63 views

CVE-2022-36613

Summary of CVE-2022-36613 : Affects TOTOLINK N600R with version 4.3.0cu.7647_B20210106. The issue is a hardcoded root password stored in /etc/shadow.sample, enabling potential local unauthorized access. The CWE/underlying root cause is the presence of a built-in credential rather than a runtime m...

CVE•added 2022/08/28 11:58 p.m.•66 views

CVE-2022-36612

CVE-2022-36612 affects TOTOLINK A950RG with firmware 4.1.2cu.5204_B20210112. The issue is a hardcoded root password stored in /etc/shadow.sample, enabling local access with high impact (confidentiality, integrity, availability). Exploitation details are not provided in the documents; no official ...

Cvelist•added 2022/08/28 11:58 p.m.•20 views

CVE-2022-36613

TOTOLINK N600R V4.3.0cu.7647B20210106 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

Cvelist•added 2022/08/28 11:58 p.m.•22 views

CVE-2022-36612

TOTOLINK A950RG V4.1.2cu.5204B20210112 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

Cvelist•added 2022/08/28 11:58 p.m.•22 views

CVE-2022-36611

TOTOLINK A800R V4.1.2cu.5137B20200730 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

Cvelist•added 2022/08/28 11:58 p.m.•20 views

CVE-2022-36610

TOTOLINK A720R V4.1.5cu.532B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

OSV•added 2022/08/25 8:15 p.m.•2 views

UBUNTU-CVE-2021-35937

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and...

6.4CVSS6.7AI score0.00014EPSS

Exploits1References3

CVE•added 2022/08/16 12:30 a.m.•56 views

CVE-2022-24949

EternalTerminal (pre-6.2.0) has a local privilege-escalation bug in PipeSocketHandler::listen() caused by a race condition, a buffer overflow, and a logic bug. CVE-2022-24949 is addressed in EternalTerminal 6.2.1, per OSV/OpenSUSE fixes; update to 6.2.1 to remediate. Other CVEs (24950–24952) are ...

7.5CVSS7.7AI score0.00397EPSS

Exploits1References2Affected Software1

NVD•added 2022/08/10 8:15 p.m.•12 views

CVE-2022-35491

TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample...

9.8CVSS0.00426EPSS

Exploits0References1

NVD•added 2022/08/10 8:15 p.m.•20 views

CVE-2022-31672

VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root...

7.2CVSS0.01047EPSS