Total
1273 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3803 | 1 Cisco | 2 Unified Wireless Ip Phone 7920, Unified Wireless Ip Phone 7920 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP community strings that cannot be changed, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2005-3716 | 1 Utstarcom | 2 F1000 Wi-fi, F1000 Wi-fi Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information. | |||||
| CVE-2005-0496 | 1 Arkeia | 1 Network Backup | 2024-11-20 | 7.5 HIGH | 9.8 CRITICAL |
| Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands. | |||||
| CVE-2000-1139 | 1 Microsoft | 1 Exchange Server | 2024-11-20 | 7.5 HIGH | N/A |
| The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability. | |||||
| CVE-2024-42450 | 2024-11-19 | N/A | 10.0 CRITICAL | ||
| The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is also needed for High Availability function of the Versa Director. The default configuration has a common password across all instances of Versa Director. By default, Versa Director configures Postgres to listen on all network interfaces. This combination allows an unauthenticated attacker to access and administer the database or read local filesystem contents to escalate privileges on the system. Exploitation Status: Versa Networks is not aware of this exploitation in any production systems. A proof of concept exists in the lab environment. Workarounds or Mitigation: Starting with the latest 22.1.4 version of Versa Director, the software will automatically restrict access to the Postgres and HA ports to only the local and peer Versa Directors. For older releases, Versa recommends performing manual hardening of HA ports. Please refer to the following link for the steps https://docs.versa-networks.com/Solutions/System_Hardening/Perform_Manual_Hardening_for_Versa_Director#Secure_HA_Ports This vulnerability is not exploitable on Versa Directors if published Firewall guidelines are implemented. We have validated that no Versa-hosted head ends have been affected by this vulnerability. All Versa-hosted head ends are patched and hardened. Please contact Versa Technical Support or Versa account team for any further assistance. Software Download Links: 22.1.4: https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4 | |||||
| CVE-2020-12627 | 1 Janeczku | 1 Calibre-web | 2024-11-19 | 7.5 HIGH | 9.8 CRITICAL |
| Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key. | |||||
| CVE-2024-7295 | 1 Progress | 1 Telerik Report Server | 2024-11-18 | N/A | 6.2 MEDIUM |
| In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information. | |||||
| CVE-2024-49060 | 2024-11-18 | N/A | 8.8 HIGH | ||
| Azure Stack HCI Elevation of Privilege Vulnerability | |||||
| CVE-2024-48971 | 2024-11-15 | N/A | 9.3 CRITICAL | ||
| The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in plaintext form. This could allow an attacker to obtain the password off the ventilator and use it to gain unauthorized access to the device, with clinician privileges. | |||||
| CVE-2024-52295 | 2024-11-13 | N/A | N/A | ||
| DataEase is an open source data visualization analysis tool. Prior to 2.10.2, DataEase allows attackers to forge jwt and take over services. The JWT secret is hardcoded in the code, and the UID and OID are hardcoded. The vulnerability has been fixed in v2.10.2. | |||||
| CVE-2024-31151 | 1 Level1 | 2 Wbr-6012, Wbr-6012 Firmware | 2024-11-13 | N/A | 9.8 CRITICAL |
| A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be found at addresses 0x 803cdd0f and 0x803da3e6: 803cdd0f 41 72 69 65 ds "AriesSerenaCairryNativitaMegan" 73 53 65 72 65 6e 61 43 ... It is referenced by the function at 0x800b78b0 and simplified in the pseudocode below: if (is_equal = strcmp(password,"AriesSerenaCairryNativitaMegan"){ ret = 3;} Where 3 is the return value to user-level access (0 being fail and 1 being admin/backdoor). While there's no legitimate functionality to change this password, once authenticated it is possible manually make a change by taking advantage of TALOS-2024-XXXXX using HTTP POST paramater "Pu" (new user password) in place of "Pa" (new admin password). | |||||
| CVE-2024-28875 | 1 Level1 | 2 Wbr-6012, Wbr-6012 Firmware | 2024-11-13 | N/A | 8.1 HIGH |
| A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be found at address 0x80100910 80100910 40 6d 21 74 ds "@m!t2K1" 32 4b 31 00 It is referenced by the function located at 0x800b78b0 and is used as shown in the pseudocode below: if ((SECOND_FROM_BOOT_TIME < 300) && (is_equal = strcmp(password,"@m!t2K1")) { return 1;} Where 1 is the return value to admin-level access (0 being fail and 3 being user). | |||||
| CVE-2024-38480 | 2024-11-12 | N/A | 4.0 MEDIUM | ||
| "Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this vulnerability. | |||||
| CVE-2024-9486 | 1 Kubernetes | 1 Image Builder | 2024-11-08 | N/A | 9.8 CRITICAL |
| A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be accessible via these default credentials. The credentials can be used to gain root access. Kubernetes clusters are only affected if their nodes use VM images created via the Image Builder project with its Proxmox provider. | |||||
| CVE-2024-9594 | 1 Kubernetes | 1 Image Builder | 2024-11-08 | N/A | 8.1 HIGH |
| A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusion of the image build process. Kubernetes clusters are only affected if their nodes use VM images created via the Image Builder project. Because these images were vulnerable during the image build process, they are affected only if an attacker was able to reach the VM where the image build was happening and used the vulnerability to modify the image at the time the image build was occurring. | |||||
| CVE-2024-50593 | 2024-11-08 | N/A | 7.8 HIGH | ||
| An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, which is shipped with the software. | |||||
| CVE-2024-5764 | 1 Sonatype | 1 Nexus | 2024-11-06 | N/A | 6.5 MEDIUM |
| Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated. This issue affects Nexus Repository: from 3.0.0 through 3.72.0. | |||||
| CVE-2024-10748 | 1 Cosmote | 1 What\'s Up | 2024-11-06 | 1.0 LOW | 4.7 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument defaultRealmKey leads to use of default cryptographic key. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-51431 | 1 Lb-link | 2 Bl-wr1300h, Bl-wr1300h Firmware | 2024-11-05 | N/A | 9.8 CRITICAL |
| LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily guessable. | |||||
| CVE-2024-20412 | 1 Cisco | 22 Firepower 1000, Firepower 1010, Firepower 1020 and 19 more | 2024-11-05 | N/A | 8.4 HIGH |
| A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device. | |||||