Total
1387 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1614 | 1 Juniper | 2 Junos, Nfx250 | 2024-11-21 | 9.3 HIGH | 10.0 CRITICAL |
| A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the VNF, either locally, or through the network. This issue only affects the NFX250 Series vSRX VNF. No other products or platforms are affected. This issue is only applicable to environments where the vSRX VNF root password has not been configured. This issue affects the Juniper Networks NFX250 Network Services Platform vSRX VNF instance on versions prior to 19.2R1. | |||||
| CVE-2020-16258 | 1 Winstonprivacy | 2 Winston, Winston Firmware | 2024-11-21 | 5.6 MEDIUM | 7.1 HIGH |
| Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default credentials. | |||||
| CVE-2020-16170 | 1 Robotemi | 1 Temi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value via unspecified vectors. | |||||
| CVE-2020-15833 | 1 Mofinetwork | 2 Mofi4500-4gxelte, Mofi4500-4gxelte Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The Dropbear SSH daemon has been modified to accept an alternate hard-coded path to a public key that allows root access. This key is stored in a /rom location that cannot be modified by the device owner. | |||||
| CVE-2020-15382 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time. | |||||
| CVE-2020-15327 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | N/A | 7.5 HIGH |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. | |||||
| CVE-2020-15326 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | N/A | 5.3 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. | |||||
| CVE-2020-15324 | 1 Zyxel | 1 Cloud Cnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials. | |||||
| CVE-2020-15323 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials. | |||||
| CVE-2020-15322 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account. | |||||
| CVE-2020-15321 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account. | |||||
| CVE-2020-15320 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account. | |||||
| CVE-2020-15319 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree. | |||||
| CVE-2020-15318 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree. | |||||
| CVE-2020-15317 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree. | |||||
| CVE-2020-15316 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree. | |||||
| CVE-2020-15315 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree. | |||||
| CVE-2020-15314 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account. | |||||
| CVE-2020-15313 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account. | |||||
| CVE-2020-15312 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account. | |||||