CVE-2023-29064

MEDIUM Year: 2023
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-798
View all →

Vulnerability Description

The FACSChorus software contains sensitive information stored in plaintext. A threat actor could gain hardcoded secrets used by the application, which include tokens and passwords for administrative accounts.

Related Vulnerabilities

CVE-2021-42892

MEDIUM
CVSS:4.3(Medium)

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exists in the firmware.

CWE-7982021

CVE-2023-45194

MEDIUM
CVSS:4.3(Medium)

Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 (-D/-K/-S/-DK/-DKS/-M/-W) firmware Ver. 1.03.45 and earlier allows a network-adjacent unauthenticated a...

CWE-7982023

CVE-2024-45832

LOW
CVSS:4.3(Medium)

Hard-coded credentials were included as part of the application binary. These credentials served as part of the application authentication flow and communication with the mobile application. An attack...

CWE-7982024

CVE-2020-10206

MEDIUM
CVSS:4.4(Medium)

Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact wi...

CWE-7982020

CVE-2024-22813

MEDIUM
CVSS:4.4(Medium)

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and t...

CWE-7982024

CVE-2024-39582

MEDIUM
CVSS:4.4(Medium)

Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Inf...

CWE-7982024