CVE-2026-7414 Hardcoded credentials in Yarbo robot firmware

Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users, enabling trivial unauthorized access to device management interfaces by anyon...

CVE-2026-7414

Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users, enabling trivial unauthorized access to device management interfaces by anyon...

Binardat 10G08-0800GSM 信任管理问题漏洞

Binardat 10G08-0800GSM is a high-performance switch from the Chinese company Binardat. The Binardat 10G08-0800GSM Network Switch V300SP10260209 and earlier versions have a vulnerability related to trust management. This vulnerability stems from hardcoded management credentials that cannot be...

CVE-2019-25291 INIM Electronics Smartliving SmartLAN/G/SI <=6.x Hard-coded Credentials Vulnerability

INIM Electronics Smartliving SmartLAN/G/SI =6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving...

EUVD-2016-1493

Malware in sbrugna...

EUVD-2011-4512

Malware in sbrugna...

EUVD-2017-8273

Malware in sbrugna...

EUVD-2024-40276

Malicious code in bioql PyPI...

EUVD-2025-27022

Malicious code in bioql PyPI...

EUVD-2023-34085

Malicious code in bioql PyPI...

EUVD-2023-12406

Malicious code in bioql PyPI...

CVE-2023-53447

In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fsremount syzbot reports a bug as below: general protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 1 PREEMPT SMP KASAN RIP: 0010:lockacquire+0x69/0x2000...

CVE-2023-53447 f2fs: don't reset unchangable mount option in f2fs_remount()

In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fsremount syzbot reports a bug as below: general protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 1 PREEMPT SMP KASAN RIP: 0010:lockacquire+0x69/0x2000...

CVE-2025-35451

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...

CVE-2025-35451

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...

CVE-2023-0345

The Akuvox E11 secure shell SSH server is enabled by default and can be accessed by the root user. This password cannot be changed by the user...

CVE-2020-29583

Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges...

Forvia Hella HELLA Driving Recorder DR 820 安全漏洞

Forvia Hella HELLA Driving Recorder DR 820 is a driving recorder from Forvia. A security vulnerability exists in Forvia Hella HELLA Driving Recorder DR 820 that stems from the use of a fixed default SSID and password that cannot be modified by the user, allowing unauthorized access to the device...

CVE-2024-43423

The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed...

CVE-2024-43423

CVE-2024-43423 affects Dover Fueling Solutions ProGauge MAGLINK LX4 CONSOLE (and LX) web applications, describing a hard-coded administrator password that cannot be changed. Root cause: hard-coded admin credentials in the web UI, enabling full device access; CVSS scores indicate high risk (3.1/AV...