Search
Total
462 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-6403 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2017-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password. | |||||
| CVE-2016-8567 | 1 Siemens | 1 Sicam Pas | 2017-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP. | |||||
| CVE-2016-8491 | 1 Fortinet | 1 Fortiwlc | 2017-02-24 | 9.4 HIGH | 9.1 CRITICAL |
| The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell. | |||||
| CVE-2016-5818 | 1 Schneider-electric | 2 Powerlogic Pm8ecc, Powerlogic Pm8ecc Firmware | 2017-02-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device. | |||||
| CVE-2016-8954 | 1 Ibm | 1 Dashdb Local | 2017-02-15 | 7.5 HIGH | 9.8 CRITICAL |
| IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. | |||||
| CVE-2016-10115 | 1 Netgear | 8 Arlo Base Station Firmware, Arlo Q Camera Firmware, Arlo Q Plus Camera Firmware and 5 more | 2017-01-11 | 10.0 HIGH | 9.8 CRITICAL |
| NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration. | |||||
| CVE-2015-2867 | 1 Trane | 1 Comfortlink Ii Firmware | 2017-01-11 | 10.0 HIGH | 9.8 CRITICAL |
| A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system. | |||||
| CVE-2016-7560 | 1 Fortinet | 1 Fortiwlc | 2016-12-02 | 10.0 HIGH | 9.8 CRITICAL |
| The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote attackers to read or write to arbitrary files via unspecified vectors. | |||||
| CVE-2016-6535 | 1 Aver | 2 Eh6108h\+, Eh6108h\+ Firmware | 2016-11-28 | 10.0 HIGH | 9.8 CRITICAL |
| AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session. | |||||
| CVE-2016-6532 | 1 Dexis | 1 Imaging Suite | 2016-11-28 | 10.0 HIGH | 9.8 CRITICAL |
| DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers to obtain administrative access by entering this password in a DEXIS_DATA SQL Server session. | |||||
| CVE-2016-6530 | 1 Dentsply Sirona | 1 Cdr Dicom | 2016-11-28 | 10.0 HIGH | 9.8 CRITICAL |
| Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords. | |||||
| CVE-2016-5081 | 1 Zmodo | 2 Zp-ibh-13w, Zp-ne-14-s | 2016-11-28 | 10.0 HIGH | 9.8 CRITICAL |
| ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session. | |||||