Total
1224 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27159 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded useradmin / 888888 credentials for an ISP. | |||||
| CVE-2021-27158 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded L1vt1m4eng / 888888 credentials for an ISP. | |||||
| CVE-2021-27157 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 888888 credentials for an ISP. | |||||
| CVE-2021-27156 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains credentials for an ISP that equal the last part of the MAC address of the br0 interface. | |||||
| CVE-2021-27155 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 3UJUh2VemEfUtesEchEC2d2e credentials for an ISP. | |||||
| CVE-2021-27154 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / G0R2U1P2ag credentials for an ISP. | |||||
| CVE-2021-27153 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded trueadmin / admintrue credentials for an ISP. | |||||
| CVE-2021-27152 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded awnfibre / fibre@dm!n credentials for an ISP. | |||||
| CVE-2021-27151 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded rootmet / m3tr0r00t credentials for an ISP. | |||||
| CVE-2021-27150 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded gestiontelebucaramanga / t3l3buc4r4m4ng42013 credentials for an ISP. | |||||
| CVE-2021-27149 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded adminpldt / z6dUABtl270qRxt7a2uGTiw credentials for an ISP. | |||||
| CVE-2021-27148 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded telecomadmin / nE7jA%5m credentials for an ISP. | |||||
| CVE-2021-27147 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / admin credentials for an ISP. | |||||
| CVE-2021-27146 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / CUadmin credentials for an ISP. | |||||
| CVE-2021-27145 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / lnadmin credentials for an ISP. | |||||
| CVE-2021-25275 | 1 Solarwinds | 1 Orion Platform | 2021-02-08 | 2.1 LOW | 7.8 HIGH |
| SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database. | |||||
| CVE-2020-1615 | 1 Juniper | 2 Junos, Vmx | 2021-02-05 | 10.0 HIGH | 9.8 CRITICAL |
| The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX instance without authorization. This issue affects Juniper Networks Junos OS: 17.1 versions prior to 17.1R2-S11, 17.1R3-S2 on vMX; 17.2 versions prior to 17.2R3-S3 on vMX; 17.3 versions prior to 17.3R2-S5, 17.3R3-S7 on vMX; 17.4 versions prior to 17.4R2-S9, 17.4R3 on vMX; 18.1 versions prior to 18.1R3-S9 on vMX; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3 on vMX; 18.2X75 versions prior to 18.2X75-D420, 18.2X75-D60 on vMX; 18.3 versions prior to 18.3R1-S7, 18.3R2-S3, 18.3R3-S1 on vMX; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3 on vMX; 19.1 versions prior to 19.1R1-S4, 19.1R2, 19.1R3 on vMX; 19.2 versions prior to 19.2R1-S3, 19.2R2 on vMX; 19.3 versions prior to 19.3R1-S1, 19.3R2 on vMX. | |||||
| CVE-2017-12239 | 1 Cisco | 1 Ios Xe | 2021-02-05 | 7.2 HIGH | 6.8 MEDIUM |
| A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to access an affected device's operating system. The vulnerability exists because an engineering console port is available on the motherboard of the affected line cards. An attacker could exploit this vulnerability by physically connecting to the console port on the line card. A successful exploit could allow the attacker to gain full access to the affected device's operating system. This vulnerability affects only Cisco ASR 1000 Series Routers that have removable line cards and Cisco cBR-8 Converged Broadband Routers, if they are running certain Cisco IOS XE 3.16 through 16.5 releases. Cisco Bug IDs: CSCvc65866, CSCve77132. | |||||
| CVE-2020-15833 | 1 Mofinetwork | 2 Mofi4500-4gxelte, Mofi4500-4gxelte Firmware | 2021-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The Dropbear SSH daemon has been modified to accept an alternate hard-coded path to a public key that allows root access. This key is stored in a /rom location that cannot be modified by the device owner. | |||||
| CVE-2020-13858 | 1 Mofinetwork | 2 Mofi4500-4gxelte, Mofi4500-4gxelte Firmware | 2021-02-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They contain two undocumented administrator accounts. The sftp and mofidev accounts are defined in /etc/passwd and the password is not unique across installations. | |||||