SF (securefiles) is a local intrusion detection system (IDS) that gets the hashes for the specified files and creates a database, which is then encrypted with AES. The executable checks itself, and a phrase (selected during installation) is displayed every time the program runs successfully.
DlxSpot Player4 LED video wall has a hardcoded password that allows you to ssh in and escalate to root.
Red Hat Security Advisory 2017-2335-01 - Red Hat Certificate System is an enterprise software system designed to manage enterprise public key infrastructure deployments. PKI Core contains fundamental packages required by Red Hat Certificate System, which comprise the Certificate Authority subsystem. Security Fix: It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates.
This Metasploit module exploits a SQL injection flaw in the login functionality for GoAutoDial version 3.3-1406088000 and below, and attempts to perform command injection. This also attempts to retrieve the admin user details, including the cleartext password stored in the underlying database. Command injection will be performed with root privileges. The default pre-packaged ISO builds are available from goautodial.org. Currently, the hardcoded command injection payload is an encoded reverse-tcp bash one-liner and the handler should be set up to receive it appropriately.
The Postgres database on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 has default hardcoded credentials. While some security measures were taken to ensure that network connectivity to the Postgres database wouldn't be possible using IPv4, the same measures were not taken for IPv6.
Due to lax filesystem permissions, an attacker can take control of a hardcoded sudo path in order to execute commands as a privileged user on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1.
DragonWave Horizon version 1.01.03 suffers from having hardcoded credentials embedded in the device.
Ubuntu Security Notice 3115-1 - Marti Raudsepp discovered that Django incorrectly used a hardcoded password when running tests on an Oracle database. A remote attacker could possibly connect to the database while the tests are running and prevent the test user with the hardcoded password from being removed. Aymeric Augustin discovered that Django incorrectly validated hosts when being run with the debug setting enabled. A remote attacker could possibly use this issue to perform DNS rebinding attacks. Various other issues were also addressed.
Papouch TME ethernet thermometer and TME multi: Temperature and humidity via ethernet both suffer from cross site request forgery, hardcoded backdoor super user accounts, and missing access controls.
Plain text hardcoded passwords have been discovered in /bin/busybox and /bin/dropbear for Zyxel MAX3XX series Wimax CPEs.
PLANET IP surveillance camera model ICA-5350V suffers from authentication bypass, cross site request forgery, cross site scripting, arbitrary file read, hardcoded credential, and local file inclusion vulnerabilities.
Seagate GoFlex Satellite Mobile Wireless Storage devices contain a hardcoded backdoor account. An attacker could use this account to remotely tamper with the underlying operating system when Telnet is enabled.
Ubuntu Security Notice 2798-1 - It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). Various other issues were also addressed.
Ubuntu Security Notice 2794-1 - It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). Various other issues were also addressed.
Ubuntu Security Notice 2795-1 - It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). Various other issues were also addressed.
Ubuntu Security Notice 2799-1 - It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). Various other issues were also addressed.
Various Ubiquiti Networks products suffer from having hardcoded keys and also having remote management interfaces enabled that can be leveraged by these credentials.
The connection string for the ELK cloud-azure plugin contains a hardcoded HTTP URL that lacks encryption and certificate validation, so it is prone to sniffing and MiTM attacks. A potential attacker with the required access to the network traffic would be able to intercept the content of the index snapshots.
Silver Peak VX virtual appliance running VXOA before version 6.2.11 contains a number of security vulnerabilities, including command injection, unauthenticated file read, mass assignment, shell upload, and hardcoded credentials. By combining these vulnerabilities, an attacker may remotely obtain root privileges on the underlying host.
An attacker can use hardcoded credentials to get unauthorized access and perform various actions in the NetWeaver AS ABAP. In addition, it is likely that the code will be implemented into the system as a backdoor.
SAP NetWeaver AS ABAP contains a hardcoded username that changes the system's behavior if the user is authenticated successfully. The user may obtain additional information that should not be displayed.
8 TOTOLINK router models have backdoor hardcoded credentials and suffer from remote command execution vulnerabilities.
4 TOTOLINK router models are backdoored with hardcoded credentials.
SAP has released the monthly critical patch update for June 2015. This patch update closes buffer overflow, remote SQL injection, XML eXternal Entity, and hardcoded credentials vulnerabilities.
The Kankun Smart Socket device and the mobile app use a hardcoded 256-bit AES key to encrypt the commands and responses between the device and the app. The communication happens over UDP. An attacker on the local network can use the same key to encrypt and send unsolicited commands to the device and hijack it.
Raritan PowerIQ versions 4.1, 4.2, and 4.3 ship with a Rails 2 web interface with a hardcoded session secret. This can be used to achieve unauthenticated remote code execution as the nginx user on vulnerable systems.