Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allow remote attackers to obtain a login password via HTTP referer.
Arial Campaign Enterprise before 11.0.551 stores passwords in clear text and these may be retrieved.
General Electric D20ME devices are not properly configured and reveal plaintext passwords.
webauth before 4.6.1 has authentication credential disclosure
Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords.
The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can al...
Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generati...