SoftPerfect Pty Ltd Connection Quality Monitor v1.1 was discovered to store all credentials in plaintext.
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test
credentials in the firmware binary
Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged access) stored in the collector.txt configuration file.
A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security
Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to store credentials in plaintext.
A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.
Several credentials for the local PostgreSQL database are stored in plain text (partially base64 encoded).
A Credential Exposure Vulnerability exists in the above-mentioned product and version. The vulnerability is due to using HTTP resulting in credentials being sent in clear text.
An information disclosure vulnerability in the component /socket.io/1/websocket/ of Soundcraft Ui Series Model(s) Ui12 and Ui16 Firmware v1.0.7x and v1.0.5x allows attackers to access Administrator cr
An issue was discovered in bridgetech VB288 Objective QoE Content Extractor, firmware version 5.6.0-8, allowing attackers to gain sensitive information such as administrator passwords via the /probe/c
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) disclose sensitive account credentials in cleartext within HTTP responses generated by the maintenance interface. Because
Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintext.
Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, ex
ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials.
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system fronte
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3)
A vulnerability, which was classified as critical, was found in H3C Magic NX30 Pro up to V100R007. This affects an unknown part of the file /api/wizard/getNetworkStatus of the component HTTP POST Requ
Cleartext transmission of sensitive information vulnerability in Export Key functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with admi
A vulnerability classified as critical has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected is the function FCGI_CheckStringIfContainsS
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.
Page 1+ Next →