Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-7225

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-27 Jun, 2019 | 16:38
Updated At-04 Aug, 2024 | 20:46
Rejected At-
Credits

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:27 Jun, 2019 | 16:38
Updated At:04 Aug, 2024 | 20:46
Rejected At:
▼CVE Numbering Authority (CNA)

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://seclists.org/fulldisclosure/2019/Jun/38
mailing-list
x_refsource_FULLDISC
http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html
x_refsource_MISC
https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/
x_refsource_MISC
http://seclists.org/fulldisclosure/2019/Jun/38
mailing-list
x_refsource_FULLDISC
http://www.securityfocus.com/bid/108922
vdb-entry
x_refsource_BID
Hyperlink: http://seclists.org/fulldisclosure/2019/Jun/38
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html
Resource:
x_refsource_MISC
Hyperlink: https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/
Resource:
x_refsource_MISC
Hyperlink: http://seclists.org/fulldisclosure/2019/Jun/38
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://www.securityfocus.com/bid/108922
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://seclists.org/fulldisclosure/2019/Jun/38
mailing-list
x_refsource_FULLDISC
x_transferred
http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html
x_refsource_MISC
x_transferred
https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/
x_refsource_MISC
x_transferred
http://seclists.org/fulldisclosure/2019/Jun/38
mailing-list
x_refsource_FULLDISC
x_transferred
http://www.securityfocus.com/bid/108922
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2019/Jun/38
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2019/Jun/38
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://www.securityfocus.com/bid/108922
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:27 Jun, 2019 | 17:15
Updated At:16 May, 2023 | 11:15

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.05.8MEDIUM
AV:A/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 5.8
Base severity: MEDIUM
Vector:
AV:A/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
ABB
abb
>>cp620_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp620_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp620>>-
cpe:2.3:h:abb:cp620:-:*:*:*:*:*:*:*
ABB
abb
>>cp620-web_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp620-web_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp620-web>>-
cpe:2.3:h:abb:cp620-web:-:*:*:*:*:*:*:*
ABB
abb
>>cp630_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp630_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp630>>-
cpe:2.3:h:abb:cp630:-:*:*:*:*:*:*:*
ABB
abb
>>cp630-web_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp630-web_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp630-web>>-
cpe:2.3:h:abb:cp630-web:-:*:*:*:*:*:*:*
ABB
abb
>>cp635_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp635_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp635>>-
cpe:2.3:h:abb:cp635:-:*:*:*:*:*:*:*
ABB
abb
>>cp635-b_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp635-b_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp635-b>>-
cpe:2.3:h:abb:cp635-b:-:*:*:*:*:*:*:*
ABB
abb
>>cp635-web_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp635-web_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp635-web>>-
cpe:2.3:h:abb:cp635-web:-:*:*:*:*:*:*:*
ABB
abb
>>pb610_firmware>>Versions from 1.91(inclusive) to 2.8.0.3674(inclusive)
cpe:2.3:o:abb:pb610_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>pb610>>-
cpe:2.3:h:abb:pb610:-:*:*:*:*:*:*:*
ABB
abb
>>cp651-web_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp651-web_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp651-web>>-
cpe:2.3:h:abb:cp651-web:-:*:*:*:*:*:*:*
ABB
abb
>>cp661_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp661_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp661>>-
cpe:2.3:h:abb:cp661:-:*:*:*:*:*:*:*
ABB
abb
>>cp661-web_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp661-web_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp661-web>>-
cpe:2.3:h:abb:cp661-web:-:*:*:*:*:*:*:*
ABB
abb
>>cp665_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp665_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp665>>-
cpe:2.3:h:abb:cp665:-:*:*:*:*:*:*:*
ABB
abb
>>cp665-web_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp665-web_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp665-web>>-
cpe:2.3:h:abb:cp665-web:-:*:*:*:*:*:*:*
ABB
abb
>>cp676_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp676_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp676>>-
cpe:2.3:h:abb:cp676:-:*:*:*:*:*:*:*
ABB
abb
>>cp676-web_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp676-web_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp676-web>>-
cpe:2.3:h:abb:cp676-web:-:*:*:*:*:*:*:*
ABB
abb
>>cp651_firmware>>Versions up to 1.76(inclusive)
cpe:2.3:o:abb:cp651_firmware:*:*:*:*:*:*:*:*
ABB
abb
>>cp651>>-
cpe:2.3:h:abb:cp651:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-798Primarynvd@nist.gov
CWE ID: CWE-798
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.htmlcve@mitre.org
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2019/Jun/38cve@mitre.org
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/108922cve@mitre.org
Third Party Advisory
VDB Entry
https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/cve@mitre.org
Exploit
Patch
Third Party Advisory
Hyperlink: http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://seclists.org/fulldisclosure/2019/Jun/38
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/108922
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/
Source: cve@mitre.org
Resource:
Exploit
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

64Records found
CVE-2021-39613
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.30% / 79.45%
||
7 Day CHG~0.00%
Published-23 Aug, 2021 | 21:20
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DVG-3104MS version 1.0.2.0.3, 1.0.2.0.4, and 1.0.2.0.4E contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. As weak passwords have been used, the plaintext passwords can be recovered from the hash values. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dvg-3104ms_firmwaredvg-3104msn/advg-3104ms_firmware
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-2765
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.6||HIGH
EPSS-0.09% / 25.17%
||
7 Day CHG+0.06%
Published-23 Apr, 2025 | 16:48
Updated-11 Jul, 2025 | 14:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability

CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the wireless hotspot. The issue results from the use of hard-coded credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-24349.

Action-Not Available
Vendor-carlinkitCarlinKit
Product-autokitcpc200-ccpaCPC200-CCPA
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-32145
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.14% / 33.72%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-16 May, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability

D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the web-based user interface. The firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system. . Was ZDI-CAN-18455.

Action-Not Available
Vendor-D-Link Corporation
Product-dap-1360dap-2020_firmwaredap-1360_firmwaredap-2020DAP-1360dap-1360
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2016-9495
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-8.8||HIGH
EPSS-0.21% / 42.82%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 20:00
Updated-06 Aug, 2024 | 02:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices.

Action-Not Available
Vendor-hughesHughes Satellite Modem
Product-hn7000sm_firmwarehn7740shn7000smhn7000sdw7000hn7740s_firmwaredw7000_firmwarehn7000s_firmwareHN7740SDW7000HN7000S/SM
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-14126
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.03% / 8.00%
||
7 Day CHG~0.00%
Published-06 Dec, 2025 | 10:02
Updated-08 Dec, 2025 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials

A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an unknown function of the component Web Interface. Such manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOZED
Product-ZLT M30SZLT M30S PRO
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-32454
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-9.6||CRITICAL
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-17 May, 2021 | 17:36
Updated-16 Sep, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SITEL CAP/PRX hardcoded credentials

SITEL CAP/PRX firmware version 5.2.01 makes use of a hardcoded password. An attacker with access to the device could modify these credentials, leaving the administrators of the device without access.

Action-Not Available
Vendor-sitel-saSITEL
Product-remote_cap\/prxremote_cap\/prx_firmwareCAP/PRX
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-32993
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.1||HIGH
EPSS-0.03% / 9.41%
||
7 Day CHG~0.00%
Published-27 Dec, 2021 | 18:48
Updated-17 Sep, 2024 | 03:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Philips IntelliBridge EC 40 and EC 80 Hub Use of Hard-coded Credentials

IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a password or a cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

Action-Not Available
Vendor-Philips
Product-intellibridge_ec80intellibridge_ec40intellibridge_ec40_firmwareintellibridge_ec80_firmwareIntelliBridge EC 40 HubIntelliBridge EC 80 Hub
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-27254
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-6.3||MEDIUM
EPSS-0.08% / 24.58%
||
7 Day CHG~0.00%
Published-05 Mar, 2021 | 20:00
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-br500_firmwarerbk12rbk43sbr500ex6150v2_firmwarer8900_firmwarerbr40_firmwarerbk23_firmwarerbk14_firmwarerbk15_firmwareex6410ex6420_firmwareex7300v2_firmwarebr200_firmwareex6250_firmwarerbk53_firmwarexr500_firmwarexr700_firmwarerbk15xr450_firmwareex7300rbk12_firmwarerbs40rbs50y_firmwarer8900rbs40_firmwarer9000_firmwarerbr10rbs10_firmwarerbk43_firmwareex6410_firmwarerbs20rbs50_firmwarerbs50yr9000ex6400v2ex6100v2ex7700_firmwarer7800rbk23rbs10r7800_firmwareex6100v2_firmwarerbk20_firmwarexr450xr700ex6400rbk43s_firmwarerbk20ex6400_firmwarerbk14ex7300_firmwarerbk44_firmwarerbs20_firmwarebr200d7800rbk44ex6150v2ex8000rbk40ex7320_firmwarerbr20rbk40_firmwarerbk13xr500ex6400v2_firmwareex6420ex7300v2d7800_firmwarerbk43ex8000_firmwareex6250rbr10_firmwarerbr40rbs50rbr50_firmwarerbr50ex7700rbk13_firmwarelbr20rbr20_firmwareex7320rbk50rbk53lbr20_firmwarerbk50_firmwareR7800
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-51629
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-6.3||MEDIUM
EPSS-0.19% / 41.19%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:15
Updated-25 Nov, 2024 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability

D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the ONVIF API. The issue results from the use of a hardcoded PIN. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-21492.

Action-Not Available
Vendor-D-Link Corporation
Product-dcs-8300lhv2dcs-8300lhv2_firmwareDCS-8300LHV2DCS-8300LHV2
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-46102
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.03%
||
7 Day CHG~0.00%
Published-25 Oct, 2023 | 14:19
Updated-11 Sep, 2024 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to exchange messages and receive commands to execute on the HMI device. The protocol builds on top of MQTT to implement the remote management of the device is encrypted with a hard-coded DES symmetric key, that can be retrieved reversing both the Android Client application and the server-side web application. This issue allows an attacker able to control a malicious MQTT broker on the same subnet network of the device, to craft malicious messages and send them to the HMI device, executing arbitrary commands on the device itself.

Action-Not Available
Vendor-Bosch Rexroth AG
Product-ctrlx_hmi_web_panel_wr2107ctrlx_hmi_web_panel_wr2115_firmwarectrlx_hmi_web_panel_wr2107_firmwarectrlx_hmi_web_panel_wr2110ctrlx_hmi_web_panel_wr2115ctrlx_hmi_web_panel_wr2110_firmwarectrlX HMI Web Panel - WR21 (WR2110)ctrlX HMI Web Panel - WR21 (WR2115)ctrlX HMI Web Panel - WR21 (WR2107)ctrl_hmi_web_panel-wr21_\(wr2107\)ctrl_hmi_web_panel-wr21_\(wr2115\)ctrl_hmi_web_panel-wr21_\(wr2110\)
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-41030
Matching Score-4
Assigner-Exodus Intelligence
ShareView Details
Matching Score-4
Assigner-Exodus Intelligence
CVSS Score-6.3||MEDIUM
EPSS-0.11% / 29.84%
||
7 Day CHG~0.00%
Published-18 Sep, 2023 | 18:22
Updated-25 Sep, 2024 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Juplink RX4-1500 Hard-coded Credential Vulnerability

Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated attackers to log in to the web interface or telnet service as the 'user' user.

Action-Not Available
Vendor-juplinkJuplink
Product-rx4-1500_firmwarerx4-1500RX4-1500
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-41612
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.09% / 24.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 00:00
Updated-14 Apr, 2025 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat on the Micro SD card.

Action-Not Available
Vendor-govicturen/avicture
Product-pc420_firmwarepc420n/apc420_firmware
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-41610
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.11% / 29.42%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 00:00
Updated-14 Apr, 2025 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintext.

Action-Not Available
Vendor-govicturen/agovicture
Product-pc420_firmwarepc420n/apc420_firmware
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-4017
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.1||HIGH
EPSS-0.10% / 27.84%
||
7 Day CHG~0.00%
Published-13 May, 2019 | 15:21
Updated-05 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam running version RoavA1SWV1.9. A set of default credentials can potentially be used to connect to the device. An attacker can connect to the AP to trigger this vulnerability.

Action-Not Available
Vendor-anker-inn/a
Product-roav_dashcam_a1_firmwareroav_dashcam_a1Anker
CWE ID-CWE-798
Use of Hard-coded Credentials
  • Previous
  • 1
  • 2
  • Next
Details not found