Vulnerabilities (CVE)

Filtered by CWE-798
Total 1280 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-28999 1 Mygeeni 2 Gnc-cw013, Gnc-cw013 Firmware 2024-11-21 6.5 MEDIUM 7.2 HIGH
An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8.1 devices. A remote attacker can take full control of the camera with a high-privileged account. The vulnerability exists because a static username and password are compiled into a shared library (libhipcam.so) used to provide the streaming camera service.
CVE-2020-28998 1 Mygeeni 2 Gnc-cw013, Gnc-cw013 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the Telnet service that allows a remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password.
CVE-2020-28952 1 Homey 4 Homey, Homey Firmware, Homey Pro and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered on Athom Homey and Homey Pro devices before 5.0.0. ZigBee hub devices should generate a unique Standard Network Key that is then exchanged with all enrolled devices so that all inter-device communication is encrypted. However, the cited Athom products use another widely known key that is designed for testing purposes: "01030507090b0d0f00020406080a0c0d" (the decimal equivalent of 1 3 5 7 9 11 13 15 0 2 4 6 8 10 12 13), which is human generated and static across all issued devices.
CVE-2020-28334 1 Barco 2 Wepresent Wipg-1600w, Wepresent Wipg-1600w Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root password hash included in the firmware image. Exploiting CVE-2020-28329, CVE-2020-28330 and CVE-2020-28331 could potentially be used in a simple and automated exploit chain to go from unauthenticated remote attacker to root shell.
CVE-2020-28329 1 Barco 2 Wepresent Wipg-1600w, Wepresent Wipg-1600w Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19.
CVE-2020-27689 1 Imomobile 2 Verve Connect Vh510, Verve Connect Vh510 Firmware 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. A remote attacker could exploit this vulnerability to login and execute commands on the device, as well as upgrade the firmware image to a malicious version.
CVE-2020-27278 1 Hamilton-medical 2 Hamilton-t1, Hamilton-t1 Firmware 2024-11-21 3.6 LOW 5.2 MEDIUM
In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the ventilator allow attackers with physical access to obtain admin privileges for the device’s configuration interface.
CVE-2020-27256 1 Sooil 6 Anydana-a, Anydana-a Firmware, Anydana-i and 3 more 2024-11-21 4.6 MEDIUM 6.8 MEDIUM
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump allows attackers with physical access to change insulin therapy settings.
CVE-2020-27181 1 Konzept-ix 1 Publixone 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files.
CVE-2020-26892 2 Fedoraproject, Linuxfoundation 2 Fedora, Nats-server 2024-11-21 7.5 HIGH 9.8 CRITICAL
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled.
CVE-2020-26879 1 Commscope 2 Ruckus Iot Module, Ruckus Vriot 2024-11-21 10.0 HIGH 9.8 CRITICAL
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.
CVE-2020-26509 1 Airleader 3 Airleader Easy, Airleader Master, Airleader Master Control 2024-11-21 5.0 MEDIUM 7.5 HIGH
Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial of service.
CVE-2020-26097 1 Planet 4 Nvr-1615, Nvr-1615 Firmware, Nvr-915 and 1 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
The firmware of the PLANET Technology Corp NVR-915 and NVR-1615 before 2020-10-28 embeds default credentials for root access via telnet. By exposing telnet on the Internet, remote root access on the device is possible. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2020-25752 1 Enphase 2 Envoy, Envoy Firmware 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered on Enphase Envoy R3.x and D4.x devices. There are hardcoded web-panel login passwords for the installer and Enphase accounts. The passwords for these accounts are hardcoded values derived from the MD5 hash of the username and serial number mixed with some static strings. The serial number can be retrieved by an unauthenticated user at /info.xml. These passwords can be easily calculated by an attacker; users are unable to change these passwords.
CVE-2020-25749 1 Rubetek 6 Rv-3406, Rv-3406 Firmware, Rv-3409 and 3 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password. The Telnet service cannot be disabled and this password cannot be changed via standard functionality.
CVE-2020-25688 1 Redhat 1 Advanced Cluster Management For Kubernetes 2024-11-21 2.7 LOW 3.5 LOW
A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two internal service APIs were incorrectly provisioned using a test certificate from the source repository. This would result in all installations using the same certificates. If an attacker could observe network traffic internal to a cluster, they could use the private key to decode API requests that should be protected by TLS sessions, potentially obtaining information they would not otherwise be able to. These certificates are not used for service authentication, so no opportunity for impersonation or active MITM attacks were made possible.
CVE-2020-25620 1 Solarwinds 1 N-central 2024-11-21 4.6 MEDIUM 7.8 HIGH
An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by default for local user accounts named support@n-able.com and nableadmin@n-able.com. These allow logins to the N-Central Administrative Console (NAC) and/or the regular web interface.
CVE-2020-25565 1 Sapphireims 1 Sapphireims 2024-11-21 7.5 HIGH 9.8 CRITICAL
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server.
CVE-2020-25561 1 Sapphireims 1 Sapphireims 2024-11-21 4.6 MEDIUM 7.8 HIGH
SapphireIMS 5 utilized default sapphire:ims credentials to connect the client to server. This credential is saved in ServerConf.config file in the client.
CVE-2020-25560 1 Sapphireims 1 Sapphireims 2024-11-21 7.5 HIGH 9.8 CRITICAL
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. We also observed the same is true if the JSESSIONID is completely removed.