CVE-2026-42376

D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...

CVE-2026-42372 D-Link DIR-605L A1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

CVE-2025-59107

Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set statically and can be...

CVE-2025-59107

Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set statically and can be...

CVE-2025-59107 Static Firmware Encryption Password in dormakaba access manager

Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set statically and can be...

EUVD-2025-206367

Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set statically and can be...

CVE-2025-59107

Dormakaba’s FWServiceTool uses an encrypted ZIP to deliver firmware for Access Managers. A static password is embedded to decrypt and extract the firmware, and this password has been valid across multiple firmware versions. This enables local access to firmware content, affecting confidentiality ...

PT-2026-4757

Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set statically and can be...

Dormakaba Access Manager security vulnerabilities

Dormakaba Access Manager is a smart hardware controller developed by the American company Dormakaba. There is a security vulnerability in Dormakaba Access Manager, which stems from the use of a static extractable password in the firmware update ZIP file, potentially allowing the firmware to be...

PT-2026-2277

Name of the Vulnerable Software and Affected Versions DDSN Interactive Acora CMS version 10.7.1 Description A static password reset token used in the password reset function allows attackers to reset user passwords and take over accounts through replay attacks. The vulnerable function is the...

EUVD-2020-24429

Malware in sbrugna...

EUVD-2020-18401

Malware in sbrugna...

EUVD-2017-3007

Malware in sbrugna...

EUVD-2017-14335

Malware in sbrugna...

EUVD-2021-15658

Malware in sbrugna...

EUVD-2022-32823

Malicious code in bioql PyPI...

EUVD-2024-45075

Malicious code in bioql PyPI...

sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.

...

CVE-2024-50377

A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The vulnerability is associated to the backup configuration functionality that by default encrypts the...

CVE-2021-29012

DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid temporarily during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus...