映射到 CWE-798 的搜索结果 (84)

CVE-2016-6530(发布:2016-09-20 22:59:12)NMS
CVSS10.0

[原文]Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords.

CVE-2016-6535(发布:2016-09-18 21:59:07)NMPS
CVSS10.0

[原文]AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session.

CVE-2016-5678(发布:2016-08-31 11:59:04)NMP
CVSS10.0

[原文]NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.

CVE-2016-5333(发布:2016-08-30 21:59:17)NMS
CVSS9.3

[原文]VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key.

CVE-2016-5081(发布:2016-08-23 22:00:07)NMS
CVSS10.0

[原文]ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session.

CVE-2006-7074(发布:2007-03-02 16:18:00)NMCO
CVSS7.5

[CNNVD]SmartSiteCMS admin.php 身份认证绕过漏洞--SmartSiteCMS 1.0版本的admin.php允许远程攻击者通过设置用户名cookie,来绕过身份认证和获得管理员特权。

首页上一页7891011121314 第14页 / 共14页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站