Total
1269 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27392 | 1 Siemens | 1 Siveillance Video Open Network Bridge | 2024-08-03 | 8.8 High |
| A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3), Siveillance Video Open Network Bridge (2020 R2), Siveillance Video Open Network Bridge (2020 R1), Siveillance Video Open Network Bridge (2019 R3), Siveillance Video Open Network Bridge (2019 R2), Siveillance Video Open Network Bridge (2019 R1), Siveillance Video Open Network Bridge (2018 R3), Siveillance Video Open Network Bridge (2018 R2). Affected Open Network Bridges store user credentials for the authentication between ONVIF clients and ONVIF server using a hard-coded key. The encrypted credentials can be retrieved via the MIP SDK. This could allow an authenticated remote attacker to retrieve and decrypt all credentials stored on the ONVIF server. | ||||
| CVE-2021-27228 | 1 Shinobi | 1 Shinobi Pro | 2024-08-03 | 9.8 Critical |
| An issue was discovered in Shinobi through ocean version 1. lib/auth.js has Incorrect Access Control. Valid API Keys are held in an internal JS Object. Therefore an attacker can use JS Proto Method names (such as constructor or hasOwnProperty) to convince the System that the supplied API Key exists in the underlying JS object, and consequently achieve complete access to User/Admin/Super API functions, as demonstrated by a /super/constructor/accounts/list URI. | ||||
| CVE-2021-27254 | 1 Netgear | 86 Br200, Br200 Firmware, Br500 and 83 more | 2024-08-03 | 8.8 High |
| This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287. | ||||
| CVE-2021-27169 | 1 Fiberhome | 2 An5506-04-fa, An5506-04-fa Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome AN5506-04-FA devices with firmware RP2631. There is a gepon password for the gepon account. | ||||
| CVE-2021-27166 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The password for the enable command is gpon. | ||||
| CVE-2021-27163 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / tele1234 credentials for an ISP. | ||||
| CVE-2021-27153 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded trueadmin / admintrue credentials for an ISP. | ||||
| CVE-2021-27158 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded L1vt1m4eng / 888888 credentials for an ISP. | ||||
| CVE-2021-27154 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / G0R2U1P2ag credentials for an ISP. | ||||
| CVE-2021-27167 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. There is a password of four hexadecimal characters for the admin account. These characters are generated in init_3bb_password in libci_adaptation_layer.so. | ||||
| CVE-2021-27165 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The telnet daemon on port 23/tcp can be abused with the gpon/gpon credentials. | ||||
| CVE-2021-27164 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / aisadmin credentials for an ISP. | ||||
| CVE-2021-27150 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded gestiontelebucaramanga / t3l3buc4r4m4ng42013 credentials for an ISP. | ||||
| CVE-2021-27157 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 888888 credentials for an ISP. | ||||
| CVE-2021-27142 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 7.5 High |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web management is done over HTTPS, using a hardcoded private key that has 0777 permissions. | ||||
| CVE-2021-27159 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded useradmin / 888888 credentials for an ISP. | ||||
| CVE-2021-27168 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. There is a 6GFJdY4aAuUKJjdtSn7d password for the rdsadmin account. | ||||
| CVE-2021-27162 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP. | ||||
| CVE-2021-27147 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / admin credentials for an ISP. | ||||
| CVE-2021-27160 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 9.8 Critical |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / 888888 credentials for an ISP. | ||||