Total
1159 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-27141 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. Credentials in /fhconf/umconfig.txt are obfuscated via XOR with the hardcoded *j7a(L#yZ98sSd5HfSgGjMj8;Ss;d)(*&^#@$a2s0i3g key. (The webs binary has details on how XOR is used.) | |||||
CVE-2020-6779 | 1 Bosch | 4 Fsm-2500, Fsm-2500 Firmware, Fsm-5000 and 1 more | 2023-12-10 | 10.0 HIGH | 10.0 CRITICAL |
Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of the stored data as well as a high availability impact on the database itself. In addition, an attacker may execute arbitrary commands on the underlying operating system. | |||||
CVE-2021-27143 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / user1234 credentials for an ISP. | |||||
CVE-2021-27157 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 888888 credentials for an ISP. | |||||
CVE-2020-25173 | 1 Reolink | 14 Rlc-410, Rlc-410 Firmware, Rlc-422 and 11 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access | |||||
CVE-2020-29061 | 1 Cdatatec | 56 72408a, 72408a Firmware, 9008a and 53 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. There is a default root126 password for the root account. | |||||
CVE-2021-27145 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / lnadmin credentials for an ISP. | |||||
CVE-2021-27147 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / admin credentials for an ISP. | |||||
CVE-2020-7846 | 1 Cnesty | 1 Helpcom | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page. | |||||
CVE-2021-27144 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded f~i!b@e#r$h%o^m*esuperadmin / s(f)u_h+g|u credentials for an ISP. | |||||
CVE-2020-35929 | 1 Kaspersky | 1 Tinycheck | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker for unauthorized access to remote data. | |||||
CVE-2020-11615 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure. | |||||
CVE-2021-27151 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded rootmet / m3tr0r00t credentials for an ISP. | |||||
CVE-2019-14482 | 1 Adremsoft | 1 Netcrunch | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web client. The same hardcoded SSL private key is used across different customers' installations when no other SSL certificate is installed, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | |||||
CVE-2020-27278 | 1 Hamilton-medical | 2 Hamilton-t1, Hamilton-t1 Firmware | 2023-12-10 | 3.6 LOW | 5.2 MEDIUM |
In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the ventilator allow attackers with physical access to obtain admin privileges for the device’s configuration interface. | |||||
CVE-2020-11857 | 1 Microfocus | 1 Operation Bridge Reporter | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user | |||||
CVE-2020-10210 | 1 Amino | 12 Ak45x, Ak45x Firmware, Ak5xx and 9 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through SSH. | |||||
CVE-2020-11720 | 1 Bilanc | 1 Bilanc | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password. | |||||
CVE-2021-27156 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains credentials for an ISP that equal the last part of the MAC address of the br0 interface. | |||||
CVE-2020-11483 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure. |