WebApr 4, 2024 · 3.2.1 use of hard-coded credentials cwe-798 The listed versions of Nexx Smart Home devices use hard-coded credentials. An attacker with unauthenticated access to the Nexx Home mobile application or the affected firmware could view the credentials and access the MQ Telemetry Server (MQTT) server and the ability to … WebDescription . A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard …
Hardcoded credentials continue to bedevil Cisco TechTarget
WebJan 26, 2024 · Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. (The credentials are stored in the firmware, encrypted by the crypt function.) ... CWE Name Source; CWE … WebAcclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. Severity CVSS Version 3.x CVSS Version 2.0 CVSS 3.x Severity and Metrics: NIST: NVD Base Score: 8.1 HIGH … max mileae for automatic transmission
NVD - CVE-2024-1748
WebAug 31, 2024 · Description Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors. Severity CVSS Version 3.x CVSS Version 2.0 CVSS 3.x Severity and Metrics: NIST: NVD Base Score: 5.5 MEDIUM Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N WebUse of Hard-coded Credentials The product contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, … WebHard-coded credentials typically create a significant hole that allows an attacker to bypass the authentication that has been configured by the product administrator. This hole might be difficult for the system administrator to detect. Common Weakness Enumeration (CWE) is a list of software and hardware … maxmilion_and_me