CVE-2015-7911

CRITICAL Year: 2015
CVSS v3 Score
9.1
Critical
CVSS v2 Score
10.0
Critical
Weakness Type
CWE-255
View all →

Vulnerability Description

Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24.41 have hardcoded credentials, which allows remote attackers to obtain administrative access via an FTP session.

Related Vulnerabilities

CVE-2015-7921

CRITICAL
CVSS:9.1(Critical)

The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for rem...

CWE-2552015

CVE-2017-16727

CRITICAL
CVSS:9.1(Critical)

A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user ca...

CWE-2552017

CVE-2020-10287

CRITICAL
CVSS:9.1(Critical)

The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set u...

CWE-2552020

CVE-2013-5461

HIGH
CVSS:8.8(High)

IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by l...

CWE-2552013

CVE-2014-1812

HIGH
CVSS:8.8(High)

The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle ...

CWE-2552014

CVE-2014-8357

HIGH
CVSS:8.8(High)

backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places a session key in a URL, which allows remote attackers to obtain arbitrary user passwords via the se...

CWE-2552014