CVE-2019-20656

MEDIUM Year: 2019
CVSS v3 Score
6.4
Medium
CVSS v2 Score
3.3
Low
Weakness Type
CWE-798
View all →

Vulnerability Description

Certain NETGEAR devices are affected by a hardcoded password. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.30, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050 before 1.0.1.24, JR6150 before 1.0.1.24, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6230 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, and WNR2020 before 1.1.0.62.

Related Vulnerabilities

CVE-2023-49228

MEDIUM
CVSS:6.4(Medium)

An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute ...

CWE-7982023

CVE-2024-31798

MEDIUM
CVSS:6.4(Medium)

Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices

CWE-7982024

CVE-2019-11946

MEDIUM
CVSS:6.5(Medium)

A remote credential disclosure vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-7982019

CVE-2019-6693

MEDIUM
CVSS:6.5(Medium)

Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge o...

CWE-7982019

CVE-2020-27181

MEDIUM
CVSS:6.5(Medium)

A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files.

CWE-7982020