Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27158 | 2024-06-17 | 7.4 High | ||
| All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL. | ||||
| CVE-2024-29844 | 2024-06-06 | 9.8 Critical | ||
| Default credentials on the Web Interface of Evolution Controller 2.x (123 and 123) allows anyone to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the password. There is no warning or prompt to ask the user to change the default password. | ||||
| CVE-2024-5245 | 2024-06-04 | N/A | ||
| NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the product installer. The issue results from the use of default MySQL credentials. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22755. | ||||
| CVE-2024-4622 | 2024-06-04 | N/A | ||
| If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface protected by authentication. If the default credentials are not changed, an attacker can use public knowledge to access the device as an administrator. | ||||
| CVE-2024-30210 | 2024-04-15 | 7.4 High | ||
| IO-1020 Micro ELD uses a default WIFI password that could allow an adjacent attacker to connect to the device. | ||||
| CVE-2024-31069 | 2024-04-15 | 7.4 High | ||
| IO-1020 Micro ELD web server uses a default password for authentication. | ||||
| CVE-2023-49621 | 1 Siemens | 1 Simatic Cn 4100 | 2024-01-11 | 9.8 Critical |
| A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device. | ||||
| CVE-2023-30801 | 1 Qbittorrent | 1 Qbittorrent | 2023-11-30 | 9.8 Critical |
| All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and execute arbitrary operating system commands using the "external program" feature in the web user interface. This was reportedly exploited in the wild in March 2023. | ||||
| CVE-2023-3703 | 1 Proscend | 40 A510-f1, A510-f1 Firmware, A510-l1 and 37 more | 2023-09-07 | 9.8 Critical |
| Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials | ||||
Page 1 of 1.