CVE-2023-49228

MEDIUM Year: 2023
CVSS v3 Score
6.4
Medium
Weakness Type
CWE-798
View all →

Vulnerability Description

An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root.

Related Vulnerabilities

CVE-2019-20656

MEDIUM
CVSS:6.4(Medium)

Certain NETGEAR devices are affected by a hardcoded password. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.30, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050 be...

CWE-7982019

CVE-2024-31798

MEDIUM
CVSS:6.4(Medium)

Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices

CWE-7982024

CVE-2019-11946

MEDIUM
CVSS:6.5(Medium)

A remote credential disclosure vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-7982019

CVE-2019-6693

MEDIUM
CVSS:6.5(Medium)

Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge o...

CWE-7982019

CVE-2020-27181

MEDIUM
CVSS:6.5(Medium)

A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files.

CWE-7982020