An issue in xui-xray v1.8.3 allows attackers to obtain sensitive information via default password.
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password.
A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle attacks and enable the decryption of SSH traffic.
The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for every device running the same version of the software, and does not appear to be changed with each new build. It is possible to reconstruct the decryption process using the hardcoded key material and obtain easy access to otherwise protected data.
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software.
auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the (1) test, (2) user, and (3) roxon accounts, which allows remote attackers to read arbitrary files from the FTP server.
An issue in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information because there is an automaticsystems super admin account with astech as its hardcoded password.
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak ciphers may lead to information disclosure.
A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument login-username/login-password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
`tktchurch/website` contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized party gains access to this key, they could potentially carry out transactions on behalf of the organization, leading to financial losses. Additionally, they could access sensitive customer information, leading to privacy violations and potential legal implications. The affected component is the codebase of our project, specifically the file(s) where the Stripe API key is embedded. The key should have been stored securely, and not committed to the codebase. The maintainers plan to revoke the leaked Stripe API key immediately, generate a new one, and not commit the key to the codebase.
The configuration file is encrypted with a static key derived from a static five-character password which allows an attacker to decrypt this file. The application hashes this five-character password with the outdated and broken MD5 algorithm (no salt) and uses the first five bytes as the key for RC4. The configuration file is then encrypted with these parameters.
Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc. SoliClub allows Authentication Abuse.This issue affects SoliClub: before 5.3.7.
Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. The issue is patched in 0.17.1 and fixed in 0.18.6. If users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users. If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone who is using version 0.17.1 can pull the latest docker image of the backend and restart the server.
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uac_temp.db.
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.
A vulnerability in Xerox Workplace Suite arises from flawed token generation and the use of hard-coded keys. These weaknesses allow attackers to predict or forge tokens, leading to unauthorized access to sensitive functions.
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol.
Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote authenticated attackers, with low privileges, to (1) add an admin user via the /api/user/addalias route; (2) modifiy a user via the /api/user/updatealiasroute; (4) delete users via the /api/user/delalias route; (4) get users via the /api/user/aliases route; (5) add a root group via the /api/user/adduserroute; (6) modifiy a group via the /api/user/updateuser route; (7) delete a group via the /api/user/deluser route; (8) get groups via the /api/user/usersroute; (9) add an admin role via the /api/user/addrole route; (10) modifiy a role via the /api/user/updaterole route; (11) delete a role via the /api/user/delrole route; (12) get roles via the /api/user/roles route.
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials.
A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions of the following CPUs and Communication Module product references listed in the Security Notifications), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."
The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13.
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key. This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808.
Heatmiser Netmonitor 3.03 contains a hardcoded credentials vulnerability in the networkSetup.htm page with predictable admin login credentials. Attackers can access the device by using the hard-coded username 'admin' and password 'admin' in the hidden form input fields.
FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication.
INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving device models.
eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint. Attackers can send POST requests to /wrcgi.bin/wsdReadForm with base64-encoded partial credentials and a crafted wsdList parameter to extract encrypted passwords for all users, which can be decrypted using a hardcoded XOR key.
An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an attacker can access the OrientDB by providing admin as the admin password. A different password cannot be set because of the implementation in code.
A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x allows attackers to bypass authentication and access internal pages and other sensitive information.
'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to 2.6.14 use a hard-coded secret key for JWT. Secret key for JWT may be retrieved if the application binary is reverse-engineered.
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which it uses for its own inbound authentication that could be obtained by a malicious actor. IBM X-Force ID: 287317.
Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance.
HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets.
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware, these passwords can be decrypted. This is related to fds_sys_passDebugPasswd_ret() and fds_sys_passRecoveryPasswd_ret() in libfds.so.0.0.
An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607.
In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow.sample.
Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure. The application reveals hardcoded API keys.
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini.
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.
HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database.
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information.
Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to access the Elasticsearch configuration database of an affected device with the privileges of the elasticsearch user. These vulnerability is due to the presence of a static username and password configured on the vManage. An attacker could exploit this vulnerability by sending a crafted HTTP request to a reachable vManage on port 9200. A successful exploit could allow the attacker to view the Elasticsearch database content. There are workarounds that address this vulnerability.
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via FTP.
The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information.
Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP community strings that cannot be changed, which allows remote attackers to obtain sensitive information.
Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto NX3030 1.8.3.0, Nexto NX5100 1.8.11.0, Nexto NX5101 1.8.11.0, Nexto NX5110 1.1.2.8, Nexto NX5210 1.1.2.8, Nexto Xpress XP300 1.8.11.0, Nexto Xpress XP315 1.8.11.0, Nexto Xpress XP325 1.8.11.0, Nexto Xpress XP340 1.8.11.0, and Hadron Xtorm HX3040 1.7.58.0.
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled.