TP-Link VX800v security vulnerability

The TP-Link VX800v is a VoIP gateway produced by the TP-Link company. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from weaknesses in the Web interface’s application layer encryption. It could allow adjacent attackers to brute-force the weak AES key and...

CVE-2025-53960 Apache StreamPark: Uses the user’s password as the secret key

When issuing JSON Web Tokens JWT, Apache StreamPark directly uses the user's password as the HMAC signing key e.g., with the HS256 algorithm. An attacker can exploit this vulnerability to perform offline brute-force attacks on the user's password using a captured JWT, or to arbitrarily forge...

Apache StreamPark 安全漏洞

Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark suffers from a security bypass vulnerability due to the use of a fixed, immutable encryption key. An attacker could exploit the vulnerability to decrypt...

Siemens SINEMA Remote Connect Server 安全漏洞

Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens Germany. The platform is primarily used to remotely access, maintain, control and diagnose the underlying network. A security vulnerability exists in Siemens SINEMA Remote Connect Server versions prior to V3...

CVE-2023-41611

Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data...

CVE-2023-41611

Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data...

CVE-2023-41612

Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabledtelnet.dat on the Micro SD card...

CVE-2023-41611

Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data...

CVE-2023-41611

Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data...

CVE-2023-41611

Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data...

PT-2024-12945 · Victure · Victure Pc420

Name of the Vulnerable Software and Affected Versions: Victure PC420 version 1.1.39 Description: The issue is related to the use of a weak and partially hardcoded key for data encryption. Recommendations: For Victure PC420 version 1.1.39, at the moment, there is no information about a newer versi...

Victure PC420 安全漏洞

The Victure PC420 is a web-based smart camera from Victure. A security vulnerability exists in the Victure PC420 version 1.1.39 that originates from the use of a weak encryption key in the enabledtelnet.dat file on the Micro SD card...

Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption

Title: Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption Date: 2020-04-20 Author: hyp3rlinx Vendor: CVE: CVE-2020-6857 import time, string, sys, argparse, os, codecs Fixed: updated for Python 3, the hex decode function was not working in Python 3 version. This should be compatible...

CVE-2020-6857

CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the binary...