Total
33 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-6535 | 1 Redhat | 1 Service Interconnect | 2024-11-21 | N/A | 5.3 MEDIUM |
| A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a specially-crafted cookie. | |||||
| CVE-2024-5632 | 2024-11-21 | N/A | N/A | ||
| Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device, create a WiFi network with a default password. A user is neither advised to change it during the installation process, nor such a need is described in the manual. As the cameras from the same kit connect automatically, it is very probable for the default password to be left unchanged. | |||||
| CVE-2024-4007 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured. | |||||
| CVE-2024-31069 | 2024-11-21 | N/A | 7.4 HIGH | ||
| IO-1020 Micro ELD web server uses a default password for authentication. | |||||
| CVE-2024-28093 | 2024-11-21 | N/A | 8.8 HIGH | ||
| The TELNET service of AdTran NetVanta 3120 18.01.01.00.E devices is enabled by default, and has default credentials for a root-level account. | |||||
| CVE-2024-27158 | 2024-11-21 | N/A | 7.4 HIGH | ||
| All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL. | |||||
| CVE-2023-49621 | 1 Siemens | 1 Simatic Cn 4100 | 2024-11-21 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device. | |||||
| CVE-2023-43844 | 2024-11-21 | N/A | 8.0 HIGH | ||
| Aten PE6208 2.3.228 and 2.4.232 have default credentials for the privileged web interface account. The user is not asked to change the credentials after first login. If not changed, attackers can log in to the web interface and gain administrator privileges. | |||||
| CVE-2023-3703 | 1 Proscend | 40 A510-f1, A510-f1 Firmware, A510-l1 and 37 more | 2024-11-21 | N/A | 10.0 CRITICAL |
| Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials | |||||
| CVE-2023-30603 | 1 Hitrontech | 2 Coda-5310, Coda-5310 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Hitron Technologies CODA-5310 Telnet function with the default account and password, and there is no warning or prompt to ask users to change the default password and account. An unauthenticated remote attackers can exploit this vulnerability to obtain the administrator’s privilege, resulting in performing arbitrary system operation or disrupt service. | |||||
| CVE-2024-6245 | 2024-11-07 | N/A | 7.4 HIGH | ||
| Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 2022 Maruti Suzuki Brezza in India Market. This issue affects SmartPlay: 66T0.05.50. | |||||
| CVE-2024-39747 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling Connect Direct Web Services, Linux Kernel and 1 more | 2024-09-16 | N/A | 9.8 CRITICAL |
| IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality. | |||||
| CVE-2024-7746 | 1 Traccar | 1 Traccar | 2024-08-22 | N/A | 9.8 CRITICAL |
| Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism. These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability. | |||||