Total
725 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-10718 | 1 Ishekar | 2 Endoscope Camera, Endoscope Camera Firmware | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that any malicious user connecting to the device can change the default SSID and password thereby denying the owner an access to his/her own device. This device acts as an Endoscope camera that allows its users to use it in various industrial systems and settings, car garages, and also in some cases in the medical clinics to get access to areas that are difficult for a human being to reach. Any breach of this system can allow an attacker to get access to video feed and pictures viewed by that user and might allow them to get a foot hold in air gapped networks especially in case of nation critical infrastructure/industries. | |||||
| CVE-2015-1320 | 1 Canonical | 1 Metal As A Service | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions prior to 1.9.2. | |||||
| CVE-2017-18470 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 4.0 MEDIUM | 8.8 HIGH |
| cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196). | |||||
| CVE-2017-8229 | 1 Amcrest | 2 Ipm-721s, Ipm-721s Firmware | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary "sonia" is the one that has the vulnerable function that sets up the default credentials on the device. If one opens this binary in IDA-pro one will notice that this follows a ARM little endian format. The function sub_436D6 in IDA pro is identified to be setting up the configuration for the device. If one scrolls to the address 0x000437C2 then one can see that /current_config is being set as an ALIAS for /mnt/mtd/Config folder on the device. If one TELNETs into the device and navigates to /mnt/mtd/Config folder, one can observe that it contains various files such as Account1, Account2, SHAACcount1, etc. This means that if one navigates to http://[IPofcamera]/current_config/Sha1Account1 then one should be able to view the content of the files. The security researchers assumed that this was only possible only after authentication to the device. However, when unauthenticated access tests were performed for the same URL as provided above, it was observed that the device file could be downloaded without any authentication. | |||||
| CVE-2014-5433 | 1 Baxter | 3 Sigma Spectrum Infusion System, Sigma Spectrum Infusion System Firmware, Wireless Battery Module | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16, which may allow an attacker to gain access the host network. Baxter has released a new version of the SIGMA Spectrum Infusion System, Version 8, which incorporates hardware and software changes. | |||||
| CVE-2017-6047 | 1 3m | 1 Detcon Sitewatch Gateway | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication. | |||||
| CVE-2019-5456 | 1 Ui | 1 Unifi Controller | 2023-12-10 | 4.3 MEDIUM | 8.1 HIGH |
| SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later. | |||||
| CVE-2016-10821 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| In cPanel before 55.9999.141, Scripts/addpop reveals a command-line password in a process list (SEC-75). | |||||
| CVE-2015-9278 | 1 Mailenable | 1 Mailenable | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a consequence of %0A mishandling in AUTH.TAB after a password-change request. | |||||
| CVE-2016-8616 | 1 Haxx | 1 Curl | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
| A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reused if s/he knows the case-insensitive version of the correct password. | |||||
| CVE-2003-1605 | 1 Haxx | 1 Curl | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server. | |||||
| CVE-2016-6553 | 1 Nuuo | 2 Nt-4040 Titan, Nt-4040 Titan Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses non-random default credentials of: admin:admin and localdisplay:111111. A remote network attacker can gain privileged access to a vulnerable device. | |||||
| CVE-2017-17836 | 1 Apache | 1 Airflow | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to databases used by Airflow. An attacker who has limited access to airflow, whether it be via XSS or by leaving a machine unlocked can exfiltrate all credentials from the system. | |||||
| CVE-2016-6554 | 1 Synology | 6 Ds107, Ds107 Firmware, Ds116 and 3 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vulnerable device. | |||||
| CVE-2016-6551 | 1 Intelliantech | 26 T100q, T100q Firmware, T100w and 23 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses non-random default credentials of: ftp/ftp or intellian:12345678. A remote network attacker can gain elevated access to a vulnerable device. | |||||
| CVE-2016-6546 | 1 Kkmcn | 1 Itrackeasy | 2023-12-10 | 2.1 LOW | 7.8 HIGH |
| The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext. | |||||
| CVE-2016-9489 | 1 Zohocorp | 1 Manageengine Applications Manager | 2023-12-10 | 4.0 MEDIUM | 8.8 HIGH |
| In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another user, e.g. change another user's password. | |||||
| CVE-2013-2951 | 1 Ibm | 1 Websphere Portal | 2023-12-10 | 2.1 LOW | 7.8 HIGH |
| IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621. | |||||
| CVE-2018-6443 | 2 Brocade, Netapp | 2 Network Advisor, Brocade Network Advisor | 2023-12-10 | 4.3 MEDIUM | 8.1 HIGH |
| A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console. | |||||
| CVE-2016-6547 | 1 Nutspace | 1 Nut Mobile | 2023-12-10 | 2.1 LOW | 7.8 HIGH |
| The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. | |||||