Recherche : [hardcoded]

Cisco warns that Unified CM has hardcoded root SSH credentials https://www.bleepingcomputer.com/news/security/cisco-removes-unified-cm-callManager-backdoor-root-account/

02/07/2025 19:48:39

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges.

Cisco Unified Communications Manager (CUCM), formerly known as Cisco CallManager, serves as the central control system for Cisco's IP telephony systems, handling call routing, device management, and telephony features.

The vulnerability (tracked as CVE-2025-20309) was rated as maximum severity, and it is caused by static user credentials for the root account, which were intended for use during development and testing.

SolarWinds Trust Center Security Advisories | CVE-2024-28987 https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28987

22/08/2024 20:48:11

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.

Uncovering thousands of unique secrets in PyPI packages https://blog.gitguardian.com/uncovering-thousands-of-unique-secrets-in-pypi-packages/

16/11/2023 15:01:57

Security Researcher Tom Forbes worked with the GitGuardian team to analyze all the code committed to PyPi packages and surfaced thousands of hardcoded credentials.

Multiple Vulnerabilities in Infiray IRAY-A8Z3 thermal camera https://sec-consult.com/vulnerability-lab/advisory/infiray-iray-thermal-camera-multiple-vulnerabilities/

13/06/2022 12:04:37

The IRAY A8Z3 thermal camera for industrial application, manufactured by Infiray/IRay Technologies is affected by multiple vulnerabilities.

Liens par page

Filtres