CVE-2024-46959

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-259
View all →

Vulnerability Description

runofast Indoor Security Camera for Baby Monitor has a default password of password for the root account. This allows access to the /stream1 URI via the rtsp:// protocol to receive the video and audio stream.

Related Vulnerabilities

CVE-2024-27774

MEDIUM
CVSS:6.5(Medium)

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware

CWE-2592024

CVE-2025-28031

MEDIUM
CVSS:6.5(Medium)

TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini.

CWE-2592025

CVE-2022-26388

MEDIUM
CVSS:6.4(Medium)

A use of hard-coded password vulnerability may allow authentication abuse.This issue affects ELI 380 Resting Electrocardiograph: Versions 2.6.0 and prior; ELI 280/BUR280/MLBUR 280 Resting Electrocardi...

CWE-2592022

CVE-2021-27254

MEDIUM
CVSS:6.3(Medium)

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific fla...

CWE-2592021

CVE-2023-51629

MEDIUM
CVSS:6.3(Medium)

D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-8300L...

CWE-2592023

CVE-2014-5431

MEDIUM
CVSS:6.8(Medium)

Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 contains a hard-coded password, which provides access to basic biomedical information,...

CWE-2592014