Total
965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35491 | 1 Totolink | 2 A3002ru, A3002ru Firmware | 2022-08-12 | N/A | 9.8 CRITICAL |
| TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample. | |||||
| CVE-2022-34993 | 1 Totolink | 2 A3600r, A3600r Firmware | 2022-08-10 | N/A | 9.8 CRITICAL |
| Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample. | |||||
| CVE-2022-35866 | 1 Vinchin | 1 Vinchin Backup And Recovery | 2022-08-10 | N/A | 9.8 CRITICAL |
| This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MySQL server. The server uses a hard-coded password for the administrator user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-17139. | |||||
| CVE-2022-22144 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2022-08-08 | N/A | 9.8 CRITICAL |
| A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this vulnerability. | |||||
| CVE-2022-30314 | 1 Honeywell | 2 Safety Manager, Safety Manager Firmware | 2022-08-05 | N/A | 4.6 MEDIUM |
| Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054). | |||||
| CVE-2020-7352 | 1 Gog | 1 Galaxy | 2022-08-05 | 7.2 HIGH | 8.8 HIGH |
| The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. Due to the software shipping with embedded, static RSA private key, an attacker with this key material and local user permissions can effectively send any operating system command to the service for execution in this elevated context. The service listens for such commands on a locally-bound network port, localhost:9978. A Metasploit module has been published which exploits this vulnerability. This issue affects the 2.0.x branch of the software (2.0.12 and earlier) as well as the 1.2.x branch (1.2.64 and earlier). A fix was issued for the 2.0.x branch of the affected software. | |||||
| CVE-2021-1574 | 1 Cisco | 1 Business Process Automation | 2022-08-05 | 9.0 HIGH | 8.8 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator. | |||||
| CVE-2021-1576 | 1 Cisco | 1 Business Process Automation | 2022-08-05 | 4.0 MEDIUM | 8.8 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator. | |||||
| CVE-2022-29962 | 1 Emerson | 48 Deltav Distributed Control System Sq Controller, Deltav Distributed Control System Sq Controller Firmware, Deltav Distributed Control System Sx Controller and 45 more | 2022-08-04 | N/A | 5.5 MEDIUM |
| The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials (but may often be disabled in production). This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350. | |||||
| CVE-2022-29963 | 1 Emerson | 48 Deltav Distributed Control System Sq Controller, Deltav Distributed Control System Sq Controller Firmware, Deltav Distributed Control System Sx Controller and 45 more | 2022-08-04 | N/A | 5.5 MEDIUM |
| The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350. | |||||
| CVE-2022-29964 | 1 Emerson | 48 Deltav Distributed Control System Sq Controller, Deltav Distributed Control System Sq Controller Firmware, Deltav Distributed Control System Sx Controller and 45 more | 2022-08-04 | N/A | 5.5 MEDIUM |
| The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350. | |||||
| CVE-2022-26138 | 1 Atlassian | 3 Confluence Data Center, Confluence Server, Questions For Confluence | 2022-08-04 | N/A | 9.8 CRITICAL |
| The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app. | |||||
| CVE-2021-22644 | 1 Ovarro | 15 Tbox Lt2-530, Tbox Lt2-530 Firmware, Tbox Lt2-532 and 12 more | 2022-08-04 | N/A | 9.8 CRITICAL |
| Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. | |||||
| CVE-2022-36952 | 1 Veritas | 1 Netbackup | 2022-08-03 | N/A | 9.8 CRITICAL |
| In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | |||||
| CVE-2022-29953 | 1 Bakerhughes | 8 Bently Nevada 3701\/40, Bently Nevada 3701\/40 Firmware, Bently Nevada 3701\/44 and 5 more | 2022-08-02 | N/A | 9.8 CRITICAL |
| The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality. | |||||
| CVE-2022-30270 | 1 Motorola | 2 Ace1000, Ace1000 Firmware | 2022-08-02 | N/A | 9.8 CRITICAL |
| The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5 preconfigured accounts (root, abuilder, acelogin, cappl, ace), all of which come with default credentials. Although the ACE1000 documentation mentions the root, abuilder and acelogin accounts and instructs users to change the default credentials, the cappl and ace accounts remain undocumented and thus are unlikely to have their credentials changed. | |||||
| CVE-2022-30271 | 1 Motorola | 2 Ace1000, Ace1000 Firmware | 2022-08-02 | N/A | 9.8 CRITICAL |
| The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default. | |||||
| CVE-2022-30274 | 1 Motorola | 2 Ace1000, Ace1000 Firmware | 2022-08-02 | N/A | 9.8 CRITICAL |
| The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm (TEA) in ECB mode using a hardcoded key. Similarly, the ACE1000 RTU can route MDLC traffic over Extended Command and Management Protocol (XCMP) and Network Layer (XNL) networks via the MDLC driver. Authentication to the XNL port is protected by TEA in ECB mode using a hardcoded key. | |||||
| CVE-2022-34906 | 1 Filewave | 1 Filewave | 2022-08-02 | N/A | 7.5 HIGH |
| A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to decrypt sensitive information saved in FileWave, and even send crafted requests. | |||||
| CVE-2022-35287 | 1 Ibm | 1 Security Verify Information Queue | 2022-08-01 | N/A | 7.5 HIGH |
| IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 230817. | |||||