Total
1498 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27154 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / G0R2U1P2ag credentials for an ISP. | |||||
| CVE-2021-27153 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded trueadmin / admintrue credentials for an ISP. | |||||
| CVE-2021-27152 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded awnfibre / fibre@dm!n credentials for an ISP. | |||||
| CVE-2021-27151 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded rootmet / m3tr0r00t credentials for an ISP. | |||||
| CVE-2021-27150 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded gestiontelebucaramanga / t3l3buc4r4m4ng42013 credentials for an ISP. | |||||
| CVE-2021-27149 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded adminpldt / z6dUABtl270qRxt7a2uGTiw credentials for an ISP. | |||||
| CVE-2021-27148 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded telecomadmin / nE7jA%5m credentials for an ISP. | |||||
| CVE-2021-27147 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / admin credentials for an ISP. | |||||
| CVE-2021-27146 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / CUadmin credentials for an ISP. | |||||
| CVE-2021-27145 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / lnadmin credentials for an ISP. | |||||
| CVE-2021-27144 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded f~i!b@e#r$h%o^m*esuperadmin / s(f)u_h+g|u credentials for an ISP. | |||||
| CVE-2021-27143 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / user1234 credentials for an ISP. | |||||
| CVE-2021-27142 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web management is done over HTTPS, using a hardcoded private key that has 0777 permissions. | |||||
| CVE-2021-27141 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. Credentials in /fhconf/umconfig.txt are obfuscated via XOR with the hardcoded *j7a(L#yZ98sSd5HfSgGjMj8;Ss;d)(*&^#@$a2s0i3g key. (The webs binary has details on how XOR is used.) | |||||
| CVE-2021-26611 | 1 Hej | 2 Hejhome Gkw-ic052, Hejhome Gkw-ic052 Firmware | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera.(reboot, factory reset, snapshot etc..) | |||||
| CVE-2021-26579 | 1 Hpe | 1 Unified Data Management | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). HPE has provided updates to versions 1.2009.0 and 1.2101.0 of HPE Unified Data Management (UDM). Version 1.2103.0 of HPE Unified Data Management (UDM) removes all hard-coded cryptographic keys. | |||||
| CVE-2021-26108 | 1 Fortinet | 1 Fortios | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering. | |||||
| CVE-2021-25898 | 1 Void | 1 Aural Rec Monitor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value is used to authenticate a high-privileged user upon authenticating with the server. | |||||
| CVE-2021-25275 | 1 Solarwinds | 1 Orion Platform | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
| SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database. | |||||
| CVE-2021-24005 | 1 Fortinet | 1 Fortiauthenticator | 2024-11-21 | 5.0 MEDIUM | 4.0 MEDIUM |
| Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key. | |||||