Lucene search
+L

334 matches found

Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.3 views

PT-2025-18701 · Tenda · Tenda Rx2 Pro

Name of the Vulnerable Software and Affected Versions: Tenda RX2 Pro version 16.03.30.14 Description: The issue concerns the use of weak credentials, allowing an unauthenticated attacker to authenticate to the telnet service. This is achieved by calculating the root password based on easily...

8.5CVSS6.9AI score0.00357EPSS
Exploits1References9
Cvelist
Cvelist
added 2025/05/01 12:0 a.m.16 views

CVE-2025-46627

Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to authenticate to the telnet service by calculating the root password based on easily-obtained device information. The password is based on the last two digits/octets of the MAC address...

0.00357EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/05/01 12:0 a.m.8 views

CVE-2025-46627

Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to authenticate to the telnet service by calculating the root password based on easily-obtained device information. The password is based on the last two digits/octets of the MAC address...

8.4AI score0.00357EPSS
Exploits1References2
CVE
CVE
added 2025/05/01 12:0 a.m.64 views

CVE-2025-46627

CVE-2025-46627 concerns a weak-credentials issue in the Tenda RX2 Pro. Affected: Tenda RX2 Pro with firmware 16.03.30.14. Description from multiple sources: an unauthenticated attacker can authenticate to the Telnet service by deriving the root password from easily obtainable device information, ...

8.2CVSS7.3AI score0.00357EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.16 views

The vulnerability of Philips IntelliSpace Cardiovascular’s image and data management system, related to the use of weak credentials, allows unauthorized access to the records.

The vulnerability of Philips IntelliSpace Cardiovascular’s image and data management system lies in the use of weak credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the user accounts...

7.7CVSS5.5AI score0.0012EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2025/04/01 5:8 p.m.15 views

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a...

8.8AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/01 12:0 a.m.1592 views

Brocade Fabric OS Remote Code Execution / Information Disclosure

Brocade Fabric OS versions prior to 9.2.2 suffer from 10 vulnerabilities including, but not limited to, remote code execution, information disclosure, man-in-the-middle, weak cryptography, and hardcoded key vulnerabilities. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Titl...

8.6CVSS7.8AI score0.74513EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/03/28 8:36 a.m.21 views

CVE-2024-21865

HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may connect to the product via SSH and use a shell...

6.5CVSS6.7AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/28 8:35 a.m.15 views

CVE-2024-29071

HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may change the system settings...

8.8CVSS7AI score0.00361EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.15 views

PT-2025-12330

Name of the Vulnerable Software and Affected Versions Nebula Informatics SecHard versions prior to 3.3.0.20220411 Description The issue is related to the incorrect use of privileged APIs, cleartext transmission of sensitive information, and insufficiently protected credentials. This allows for...

9CVSS5.4AI score0.00162EPSS
Exploits0References10
HackRead
HackRead
added 2025/03/19 10:59 a.m.9 views

Top 10 Passwords Hackers Use to Breach RDP – Is Yours at Risk?

Top 10 Passwords hackers use to breach RDP revealed! Weak credentials cause successful cyberattacks- check if yours is on the list and secure your system now...

7.3AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/03/13 6:17 p.m.7 views

CVE-2025-2229 Philips Intellispace Cardiovascular (ISCV) Use of Weak Credentials

A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations...

8.5CVSS7.6AI score0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/13 6:17 p.m.15 views

CVE-2025-2229 Philips Intellispace Cardiovascular (ISCV) Use of Weak Credentials

A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations...

8.5CVSS0.0012EPSS
Exploits0References2
Rapid7 Blog
Rapid7 Blog
added 2025/02/24 7:6 p.m.9 views

Under The Hoodie: The Pen Test Diaries

Breaking In So You Don’t Have To Each year, Rapid7 penetration testers conduct over 1,000 security assessments, pushing boundaries to expose vulnerabilities before the bad guys do. The mission? Get in, escalate privileges, and own the environment—physically, digitally, or sometimes just by...

8.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/17 12:0 a.m.11 views

The vulnerability of the HS256 algorithm implementation in the Knowledge Space integrated planning platform lies in the use of weak credentials. This allows a hacker to gain full access to the platform.

The vulnerability of the HS256 algorithm implementation in the Knowledge Space integrated planning platform lies in the use of weak authentication data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full access to the platform...

9.7CVSS5.5AI score
Exploits0Affected Software1
NVD
NVD
added 2025/02/06 9:15 p.m.8 views

CVE-2025-1081

A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The attack needs to be done within the local network. Th...

3.1CVSS0.00288EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/02/06 8:31 p.m.8 views

CVE-2025-1081 Bharti Airtel Xstream Fiber WiFi Password weak credentials

A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The attack needs to be done within the local network. Th...

3.1CVSS3.7AI score0.00288EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/06 8:31 p.m.23 views

CVE-2025-1081 Bharti Airtel Xstream Fiber WiFi Password weak credentials

A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The attack needs to be done within the local network. Th...

3.1CVSS0.00288EPSS
Exploits0References4
CVE
CVE
added 2025/02/06 8:31 p.m.63 views

CVE-2025-1081

CVE-2025-1081 affects Bharti Airtel Xstream Fiber (up to 20250123) and its WiFi Password Handler. The issue enables use of weak credentials via local-network access, with attack complexity rated as HIGH and affected confidentiality as PARTIAL. Multiple sources note the exploit has been disclosed ...

3.1CVSS3.8AI score0.00288EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.6 views

Airtel Xstream 安全漏洞

Airtel Xstream is a streaming controller from Airtel India. A security vulnerability exists in Airtel Xstream 20250123 and earlier versions, which stems from the use of weak credentials by the WiFi Password Handler component, resulting in an attack that can be carried out on the local network...

3.1CVSS4AI score0.00288EPSS
Exploits0References4
Rows per page
Query Builder