#hard_coded_credentials

Cybersecurity researchers have disclosed details of a new campaign that leverages a combination of social engineering and WhatsApp hijacking to distribute a Delphi-based banking trojan named Eternidade Stealer as part of attacks targeting users in Brazil. "It uses Internet Message Access Protocol (IMAP) to dynamically retrieve command-and-control (C2) addresses, allowing the threat actor to

The U.S. government is reportedly preparing to ban the sale of wireless routers and other networking gear from TP-Link Systems, a tech company that currently enjoys an estimated 50% market share among home users and small businesses. Experts say while the proposed ban may have more to do with TP-Link's ties to China than any specific technical threats, much of the rest of the industry serving this market also sources hardware from China and ships products that are insecure fresh out of the box.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: FBXi, FBVi, FBTi, CBXi Vulnerabilities: Use of Hard-coded Credentials, Improper Validation of Specified Type of Input, Use of a One-Way Hash without a Salt 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take remote control of the product, insert and run arbitrary code, and crash the device being accessed. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following ABB FLXeon products are affected: FBXi-8R8-X96 (2CQG201028R1011): Versions 9.3.5 and prior FBXi-8R8-H-X96 (2CQG201029R1011): Versions 9.3.5 and prior FBXi-X256 (2CQG201014R1021): Versions 9.3.5 and prior FBXi-X48 (2CQG201018R1021): Versions 9.3.5 and prior FBXi-8R8-X96-S (2CQG201606R1011): Versions 9.3.5 and prior FBVi-2U4-4T (2CQG201015R1021 ): Versions 9.3.5 and prior FBVi-2U4-4T-IMP (2CQG201016R1021): Versions 9.3.5 and prior FBVi-2U4-4T-SI: Versions 9.3.5 and ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: CloudEdge Equipment: CloudEdge App, CloudEdge Online Cameras Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to live video feed and camera control. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following CloudEdge products are known to be affected: CloudEdge App: Version 4.4.2 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Neutralization of Wildcards or Matching Symbols CWE-155 The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an the attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key information to connect to the cameras from peer to peer. CVE-2025-11757 has been assigned to this vulnerability. A CVSS v3...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: SunPower Equipment: PVS6 Vulnerability: Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to gain full access to the device, enabling them to replace firmware, modify settings, disable the device, create SSH tunnels, and manipulate attached devices. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SunPower PVS6 are affected: PVS6: Versions 2025.06 build 61839 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 USE OF HARD-CODED CREDENTIALS CWE-798 The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This access allows the attacker to perform actions such as firmware replacem...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Tigo Energy Equipment: Cloud Connect Advanced Vulnerabilities: Use of Hard-coded Credentials, Command Injection, Predictable Seed in Pseudo-Random Number Generator (PRNG). 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to gain unauthorized administrative access using hard-coded credentials, escalate privileges to take full control of the device, modify system settings, disrupt solar energy production, interfere with safety mechanisms, execute arbitrary commands via command injection, cause service disruptions, expose sensitive data, and recreate valid session IDs to access sensitive device functions on connected solar inverter systems due to insecure session ID generation. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Cloud Connect Advanced are affected: Cloud Connect Advanced: Versions 4.0.1 and prior 3.2 VULNERABILI...

Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points that could allow an attacker to bypass authentication and gain administrative access to susceptible systems. The vulnerability, tracked as CVE-2025-37103, carries a CVSS score of 9.8 out of a maximum of 10.0. "Hard-coded login credentials were found in HPE

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: ValueHD, PTZOptics, multiCAM Systems, SMTAV Equipment: Various pan-tilt-zoom cameras Vulnerabilities: Improper Authentication, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leak sensitive data, execute arbitrary commands, and access the admin web interface using hard-coded credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following ValueHD, PTZOptics, multiCAM Systems, and SMTAV products are affected: PTZOptics PT12X-SDI-xx-G2: Versions 6.3.34 and prior (CVE-2025-35451) PTZOptics PT12X-NDI-xx: Versions 6.3.34 and prior (CVE-2025-35451) PTZOptics PT12X-USB-xx-G2: Versions 6.2.81 and prior (CVE-2025-35451) PTZOptics PT20X-SDI-xx-G2: Versions 6.3.20 and prior (CVE-2025-35451) PTZOptics PT20X-NDI-xx: Versions...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Consilium Safety Equipment: CS5000 Fire Panel Vulnerabilities: Initialization of a Resource with an Insecure Default, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain high-level access to and remotely operate the device, potentially putting it into a non-functional state. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Consilium Safety product is affected: CS5000 Fire Panel: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 INITIALIZATION OF A RESOURCE WITH AN INSECURE DEFAULT CWE-1188 The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unchanged on every installed system observed. This account is not root but holds high-level permissions that could severely impact the device's op...

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.