CVE-2024-7746

CRITICAL Year: 2024
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-1392
View all →

Vulnerability Description

Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism. These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability.

Related Vulnerabilities

CVE-2023-30603

CRITICAL
CVSS:9.8(Critical)

Hitron Technologies CODA-5310 Telnet function with the default account and password, and there is no warning or prompt to ask users to change the default password and account. An unauthenticated remot...

CWE-13922023

CVE-2023-30801

CRITICAL
CVSS:9.8(Critical)

All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, thi...

CWE-13922023

CVE-2023-3703

CRITICAL
CVSS:9.8(Critical)

Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials

CWE-13922023

CVE-2023-40704

MEDIUM
CVSS:9.8(Critical)

The product does not require unique and complex passwords to be created during installation. Using Philips's default password could jeopardize the PACS system if the password was hacked or leaked. An ...

CWE-13922023

CVE-2023-49621

CRITICAL
CVSS:9.8(Critical)

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An...

CWE-13922023

CVE-2024-12286

CRITICAL
CVSS:9.8(Critical)

MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using default credentials.

CWE-13922024