Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
CommScope Ruckus IoT Controller 1.7.1.0 Hard-Coded Web Application Administrator Password
27.05.2021
Jim Becher
Low
Barracuda WAF V360 Firmware 8.0.1.014 Grub Password Complexity
07.07.2017
Matt Bergin
High
SAP Hybris E-commerce Suite 5.1.0.3 Hard-Coded Password
17.08.2016
Aleksey Tyurin
High
Lorex ECO DVR Backdoor Account
01.06.2016
Andrew Hofmans
High
LIXIL Satis Toilet Hard-Coded Bluetooth PIN
02.08.2013
Daniel Crowley
CVEMAP Search Results
CVE
Details
Description
2024-03-18
CVE-2024-27774
Updating...
Unitronics Unistream Unilogic �?? Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware
2024-01-08
CVE-2023-50948
Updating...
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671.
2023-09-27
CVE-2023-5222
Updating...
A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. This vulnerability affects the function isValidUser of the file /cgi-bin/vitogate.cgi of the component Web Management Interface. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240364. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
2023-06-14
CVE-2023-3237
Updating...
A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects unknown code. The manipulation of the argument username/password with the input admin leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231508.
2023-05-18
CVE-2023-2799
Updating...
A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5. Affected by this issue is some unknown functionality of the file /index.php?app=main&func=passport&action=login. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229376. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
2023-05-11
CVE-2023-2645
Updating...
A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of the component Web Management Page. The manipulation of the argument username/password with the input root leads to use of hard-coded password. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. VDB-228774 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
2023-05-09
CVE-2023-29103
Updating...
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device uses a hard-coded password to protect the diagnostic files. This could allow an authenticated attacker to access protected data.
2023-02-13
CVE-2023-0808
Updating...
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471. It has been rated as problematic. This issue affects some unknown processing of the component Access Point Setting Handler. The manipulation with the input 12345678 leads to use of hard-coded password. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. Upgrading to version MW3_16U_5406_1.53 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-220769 was assigned to this vulnerability.
2023-01-18
CVE-2022-45444
Updating...
Sewio�??s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application�??s database. This could allow a remote attacker to login to the database with unrestricted access.
2023-01-07
CVE-2018-25069
Updating...
A vulnerability classified as critical has been found in Netis Netcore Router. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The identifier VDB-217593 was assigned to this vulnerability.
Copyright
2024
, cxsecurity.com
Back to Top
