• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-798

CVE-2021-27430

February 23, 2023 by

GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. Additionally, a user with physical access to the UR IED can interrupt the boot sequence by rebooting the UR.

CVE-2021-27437

February 23, 2023 by

The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM (versions prior to 9.0.1).

CVE-2021-27438

February 23, 2023 by

The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1).

CVE-2021-27440

February 23, 2023 by

The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1).

CVE-2021-27452

February 23, 2023 by

The software contains a hard-coded password that could allow an attacker to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).

CVE-2021-27392

February 23, 2023 by

A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3), Siveillance Video Open Network Bridge (2020 R2), Siveillance Video Open Network Bridge (2020 R1), Siveillance Video Open Network Bridge (2019 R3), Siveillance Video Open Network Bridge (2019 R2), Siveillance Video Open Network Bridge (2019 R1), Siveillance Video Open Network Bridge (2018 R3), Siveillance Video Open Network Bridge (2018 R2). Affected Open Network Bridges store user credentials for the authentication between ONVIF clients and ONVIF server using a hard-coded key. The encrypted credentials can be retrieved via the MIP SDK. This could allow an authenticated remote attacker to retrieve and decrypt all credentials stored on the ONVIF server.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 87
  • Go to page 88
  • Go to page 89
  • Go to page 90
  • Go to page 91
  • Interim pages omitted …
  • Go to page 130
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE