334 matches found
CVE-2026-23853
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacke...
CVE-2026-23853
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacke...
Dell PowerProtect Data Domain 安全漏洞
Dell PowerProtect Data Domain is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and data deactivation. Vulnerabilities exist in versions 7.7.1.0 to 8.5 of Dell PowerProtect Data Domain, as well as in LTS2025 versions 8.3.1.0 to 8.3.1.2...
PT-2026-33417
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.5 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.20 Dell PowerProtect Data Domain versions 7.13.1.0 through 7.13.1.50 Description The Data Domain Operating System DD OS...
EUVD-2025-209010
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials...
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence AI services to compromise over 600 FortiGate devices located in 55 countries. That's according to new findings from Amazon Threat Intelligence, which said it...
Multiple vulnerabilities in ELECOM wireless LAN products
Overview Wireless LAN products provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Cross-site request forgery CWE-352 - CVE-2026-20704 OS command injection CWE-78 - CVE-2026-22550 Use of weak credentials CWE-1391 - CVE-2026-24449 Stack-based buffer overflow CWE-121 -...
Konica Bizhub Multifunction Printers Use of Weak Credentials (CVE-2024-51978)
An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP...
CVE-2025-69271
Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier...
GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials
A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that's capable of brute-forcing user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers. "The current wave of campaigns is driven b...
CVE-2025-1081
A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The attack needs to be done within the local network. Th...
EUVD-2023-60534
Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...
PT-2025-54252
Name of the Vulnerable Software and Affected Versions Anevia Flamingo XL/XS version 3.6.20 Description The software contains a critical issue involving weak default administrative credentials. Attackers can easily guess these credentials to gain full remote system control without complex...
CVE-2021-47707
COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote password attacks and disclose RTSP stream. Attackers can exploit this by sending a POST request with the 'passkey' parameter set to '1234', allowing them to access the web control panel...
CVE-2021-47707 COMMAX CVD-Axx DVR Weak Default Credentials Stream Disclosure
COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote password attacks and disclose RTSP stream. Attackers can exploit this by sending a POST request with the 'passkey' parameter set to '1234', allowing them to access the web control panel...
COMMAX CVD-Axx DVR 安全漏洞
COMMAX CVD-Axx DVR is a series of digital video recorders from the Korean company COMMAX. A security vulnerability exists in COMMAX CVD-Axx DVR version 5.1.4, which stems from a weak default credentials issue that could lead to remote password attacks and RTSP stream leaks...
CVE-2024-49572
Talos reports CVE-2024-49572 as a denial-of-service in the Modbus TCP service of Socomec DIRIS Digiware M-70 (v1.6.9). An unauthenticated attacker can send a crafted Modbus TCP packet to trigger a factory-reset sequence that restores WEBVIEW-M credentials to default, enabling potential privilege ...
Socomec DIRIS Digiware M-70 安全漏洞
The Socomec DIRIS Digiware M-70 is a multipoint temperature measurement module from Socomec France. A security vulnerability exists in Socomec DIRIS Digiware M-70 version 1.6.9, which stems from a flaw in the Modbus RTU over TCP functionality that could lead to denial of service and weak...
CVE-2025-12218
Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...
CVE-2025-10639
The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code...