CVE-2024-2197

LOW Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-259
View all →

Vulnerability Description

The Chirp Access app contains a hard-coded password, BEACON_PASSWORD. An attacker within Bluetooth range could change configuration settings within the Bluetooth beacon, effectively disabling the application's ability to notify users when they are near a Beacon-enabled access point. This variable cannot be used to change the configuration settings of the door readers or locksets and does not affect the ability for authorized users of the mobile application to lock or unlock access points.

Related Vulnerabilities

CVE-2022-27172

MEDIUM
CVSS:4.3(Medium)

A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution...

CWE-2592022

CVE-2023-29103

MEDIUM
CVSS:4.3(Medium)

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= ...

CWE-2592023

CVE-2024-26196

MEDIUM
CVSS:4.3(Medium)

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

CWE-2592024

CVE-2025-2556

MEDIUM
CVSS:4.3(Medium)

A vulnerability classified as problematic was found in Audi UTR Dashcam 2.0. Affected by this vulnerability is an unknown functionality of the component Video Stream Handler. The manipulation leads to...

CWE-2592025

CVE-2024-7155

LOW
CVSS:4.7(Medium)

A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/shadow.sample. The m...

CWE-2592024

CVE-2024-33867

MEDIUM
CVSS:4.8(Medium)

An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt.

CWE-2592024