CWE-1392
AllowedUse of Default Credentials
Abstraction: Base · Status: Incomplete
The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.
191 vulnerabilities reference this CWE, most recent first.
CVE-2023-27573 (GCVE-0-2023-27573)
Vulnerability from cvelistv5 – Published: 2026-03-11 00:00 – Updated: 2026-03-11 14:23- CWE-1392 - Use of Default Credentials
| Vendor | Product | Version | |
|---|---|---|---|
| netbox-community | netbox-docker |
Affected:
0 , < 2.5.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27573",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T14:15:15.278309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T14:23:00.621Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "netbox-docker",
"vendor": "netbox-community",
"versions": [
{
"lessThan": "2.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "netbox-docker before 2.5.0 has a superuser account with default credentials (admin password for the admin account, and 0123456789abcdef0123456789abcdef01234567 value for SUPERUSER_API_TOKEN). In practice on the public Internet, almost all users changed the password but only about 90% changed the token. Having a default token value was intentional and was valuable for the main intended use case of the netbox-docker product (isolated development networks). Some users engaged in an effort to repurpose netbox-docker for production. The documentation for this effort stated that the defaults must not be used. However, installation did not ensure non-default values. The Supplier was aware of the CVE ID assignment and did not object to the assignment."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "CWE-1392 Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T05:01:47.850Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/netbox-community/netbox-docker/issues/953"
},
{
"url": "https://github.com/netbox-community/netbox-docker/pull/959"
},
{
"url": "https://github.com/netbox-community/netbox-docker/releases/tag/2.5.0"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-27573",
"datePublished": "2026-03-11T00:00:00.000Z",
"dateReserved": "2023-03-03T00:00:00.000Z",
"dateUpdated": "2026-03-11T14:23:00.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3703 (GCVE-0-2023-3703)
Vulnerability from cvelistv5 – Published: 2023-09-03 14:19 – Updated: 2024-09-30 20:46- CWE-1392 - Use of Default Credentials
| Vendor | Product | Version | |
|---|---|---|---|
| Proscend Advice | ICR Series routers FW |
Affected:
version 1.76 , < Upgrade to fw version 2.24.
(custom)
|
|
| proscend | icr_series_routers_fw |
Affected:
1.76 , < 2.24
(custom)
cpe:2.3:a:proscend:icr_series_routers_fw:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:proscend:icr_series_routers_fw:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "icr_series_routers_fw",
"vendor": "proscend",
"versions": [
{
"lessThan": "2.24",
"status": "affected",
"version": "1.76",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3703",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T20:43:24.600191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T20:46:08.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ICR Series routers FW",
"vendor": "Proscend Advice",
"versions": [
{
"lessThan": "Upgrade to fw version 2.24.",
"status": "affected",
"version": "version 1.76",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Anonymous"
}
],
"datePublic": "2023-09-03T13:42:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eProscend Advice ICR Series routers FW version 1.76\u003c/span\u003e\u0026nbsp;- CWE-1392: Use of Default Credentials\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\nProscend Advice ICR Series routers FW version 1.76\u00a0- CWE-1392: Use of Default Credentials"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "CWE-1392: Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-03T14:19:26.169Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpgrade to fw version 2.24.\u003c/span\u003e\n\n"
}
],
"value": "\nUpgrade to fw version 2.24.\n\n"
}
],
"source": {
"advisory": "ILVN-2023-0125",
"discovery": "UNKNOWN"
},
"title": "Proscend Advice ICR Series routers fw version 1.76",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2023-3703",
"datePublished": "2023-09-03T14:19:26.169Z",
"dateReserved": "2023-07-17T09:45:14.295Z",
"dateUpdated": "2024-09-30T20:46:08.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-50803 (GCVE-0-2022-50803)
Vulnerability from cvelistv5 – Published: 2025-12-30 22:41 – Updated: 2026-01-05 20:24- CWE-1392 - Use of Default Credentials
| URL | Tags |
|---|---|
| https://www.zeroscience.mk/en/vulnerabilities/ZSL… | third-party-advisory |
| https://packetstormsecurity.com/files/167487/ | exploit |
| https://cxsecurity.com/issue/WLB-2022060058 | third-party-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry |
| https://www.jm-data.com/ | product |
| https://www.vulncheck.com/advisories/jm-data-onu-… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| JM-DATA ONU | JF511-TV |
Affected:
1.0.67
Affected: 1.0.62 Affected: 1.0.55 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-50803",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-05T20:24:09.099847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T20:24:15.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "JF511-TV",
"vendor": "JM-DATA ONU",
"versions": [
{
"status": "affected",
"version": "1.0.67"
},
{
"status": "affected",
"version": "1.0.62"
},
{
"status": "affected",
"version": "1.0.55"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Neurogenesia"
}
],
"datePublic": "2022-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "JM-DATA ONU JF511-TV version 1.0.67 uses default credentials that allow attackers to gain unauthorized access to the device with administrative privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-30T22:41:41.999Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Zero Science Lab Disclosure (ZSL-2022-5708)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5708.php"
},
{
"name": "Packet Storm Security Exploit Entry",
"tags": [
"exploit"
],
"url": "https://packetstormsecurity.com/files/167487/"
},
{
"name": "CXSecurity Vulnerability Listing",
"tags": [
"third-party-advisory"
],
"url": "https://cxsecurity.com/issue/WLB-2022060058"
},
{
"name": "IBM X-Force Vulnerability Exchange Entry",
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/229344"
},
{
"name": "JM-DATA Vendor Homepage",
"tags": [
"product"
],
"url": "https://www.jm-data.com/"
},
{
"name": "VulnCheck Advisory: JM-DATA ONU JF511-TV 1.0.67 Default Credentials Vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/jm-data-onu-jf-tv-default-credentials-vulnerability"
}
],
"title": "JM-DATA ONU JF511-TV 1.0.67 Default Credentials Vulnerability",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2022-50803",
"datePublished": "2025-12-30T22:41:41.999Z",
"dateReserved": "2025-12-27T13:53:29.755Z",
"dateUpdated": "2026-01-05T20:24:15.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-47707 (GCVE-0-2021-47707)
Vulnerability from cvelistv5 – Published: 2025-12-09 20:39 – Updated: 2026-04-07 14:05- CWE-1392 - Use of Default Credentials
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/50210 | exploit |
| https://www.commax.com | product |
| https://www.zeroscience.mk/en/vulnerabilities/ZSL… | third-party-advisory |
| https://www.vulncheck.com/advisories/commax-cvd-a… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| COMMAX Co., Ltd. | COMMAX CVD-Axx DVR |
Affected:
CVD-AH04 DVR 4.4.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47707",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T15:41:03.540626Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T15:41:18.274Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "COMMAX CVD-Axx DVR",
"vendor": "COMMAX Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "CVD-AH04 DVR 4.4.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2021-08-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCOMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote password attacks and disclose RTSP stream. Attackers can exploit this by sending a POST request with the \u0027passkey\u0027 parameter set to \u00271234\u0027, allowing them to access the web control panel.\u003c/p\u003e"
}
],
"value": "COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote password attacks and disclose RTSP stream. Attackers can exploit this by sending a POST request with the \u0027passkey\u0027 parameter set to \u00271234\u0027, allowing them to access the web control panel."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "CWE-1392: Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T14:05:35.450Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-50210",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/50210"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://www.commax.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2021-5667)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5667.php"
},
{
"name": "VulnCheck Advisory: COMMAX CVD-Axx DVR Weak Default Credentials Stream Disclosure",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/commax-cvd-axx-dvr-weak-default-credentials-stream-disclosure"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "COMMAX CVD-Axx DVR Weak Default Credentials Stream Disclosure",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2021-47707",
"datePublished": "2025-12-09T20:39:01.947Z",
"dateReserved": "2025-12-05T19:10:29.046Z",
"dateUpdated": "2026-04-07T14:05:35.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36915 (GCVE-0-2020-36915)
Vulnerability from cvelistv5 – Published: 2026-01-06 15:52 – Updated: 2026-01-06 19:42| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/48954 | exploit |
| https://www.adtecdigital.com | product |
| https://www.zeroscience.mk/en/vulnerabilities/ZSL… | third-party-advisory |
| https://packetstorm.news/files/id/159709 | exploit |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry |
| https://www.vulncheck.com/advisories/adtec-digita… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Adtecdigital | SignEdje Digital Signage Player |
Affected:
2.08.28
|
|
| Adtecdigital | mediaHUB HD-Pro High & Standard Definition MPEG2 Encoder |
Affected:
3.07.19
|
|
| Adtecdigital | afiniti Multi-Carrier Platform |
Affected:
1905_11
|
|
| Adtecdigital | EN-31 Dual Channel DSNG Encoder / Modulator |
Affected:
2.01.15
|
|
| Adtecdigital | EN-210 Multi-CODEC 10-bit Encoder / Modulator |
Affected:
3.00.29
|
|
| Adtecdigital | EN-200 1080p AVC Low Latency Encoder / Modulator |
Affected:
3.00.29
|
|
| Adtecdigital | ED-71 10-bit / 1080p Integrated Receiver Decoder |
Affected:
2.02.24
|
|
| Adtecdigital | edje-5110 Standard Definition MPEG2 Encoder |
Affected:
1.02.05
|
|
| Adtecdigital | edje-4111 HD Digital Media Player |
Affected:
2.07.09
|
|
| Adtecdigital | Soloist HD-Pro Broadcast Decoder |
Affected:
2.07.09
|
|
| Adtecdigital | adManage Traffic & Media Management Application |
Affected:
2.5.4
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36915",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T19:42:21.293291Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T19:42:42.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/48954"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SignEdje Digital Signage Player",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "2.08.28"
}
]
},
{
"product": "mediaHUB HD-Pro High \u0026 Standard Definition MPEG2 Encoder",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "3.07.19"
}
]
},
{
"product": "afiniti Multi-Carrier Platform",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "1905_11"
}
]
},
{
"product": "EN-31 Dual Channel DSNG Encoder / Modulator",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "2.01.15"
}
]
},
{
"product": "EN-210 Multi-CODEC 10-bit Encoder / Modulator",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "3.00.29"
}
]
},
{
"product": "EN-200 1080p AVC Low Latency Encoder / Modulator",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "3.00.29"
}
]
},
{
"product": "ED-71 10-bit / 1080p Integrated Receiver Decoder",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "2.02.24"
}
]
},
{
"product": "edje-5110 Standard Definition MPEG2 Encoder",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "1.02.05"
}
]
},
{
"product": "edje-4111 HD Digital Media Player",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "2.07.09"
}
]
},
{
"product": "Soloist HD-Pro Broadcast Decoder",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "2.07.09"
}
]
},
{
"product": "adManage Traffic \u0026 Media Management Application",
"vendor": "Adtecdigital",
"versions": [
{
"status": "affected",
"version": "2.5.4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2020-07-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec Digital product versions."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-1392",
"description": "Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T15:52:24.350Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-48954",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/48954"
},
{
"name": "Adtec Digital Official Homepage",
"tags": [
"product"
],
"url": "https://www.adtecdigital.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2020-5603)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5603.php"
},
{
"name": "Packet Storm Security Exploit Entry",
"tags": [
"exploit"
],
"url": "https://packetstorm.news/files/id/159709"
},
{
"name": "IBM X-Force Vulnerability Exchange",
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190628"
},
{
"name": "VulnCheck Advisory: Adtec Digital SignEdje Digital Signage Player v2.08.28 Default Credentials",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/adtec-digital-signedje-digital-signage-player-default-credentials"
}
],
"title": "Adtec Digital SignEdje Digital Signage Player v2.08.28 Default Credentials",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36915",
"datePublished": "2026-01-06T15:52:24.350Z",
"dateReserved": "2026-01-03T14:10:13.301Z",
"dateUpdated": "2026-01-06T19:42:42.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25147 (GCVE-0-2018-25147)
Vulnerability from cvelistv5 – Published: 2025-12-24 19:27 – Updated: 2025-12-24 20:25- CWE-1392 - Use of Default Credentials
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/45040 | exploit |
| http://www.microhardcorp.com | product |
| https://www.zeroscience.mk/en/vulnerabilities/ZSL… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Microhard Systems | Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Credentials |
Affected:
IPn4G 1.1.0 build 1098
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25147",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-24T20:11:21.555246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T20:25:21.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5480.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Credentials",
"vendor": "Microhard Systems",
"versions": [
{
"status": "affected",
"version": "IPn4G 1.1.0 build 1098"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2018-03-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T19:27:50.490Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-45040",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45040"
},
{
"name": "Microhard Systems Product Homepage",
"tags": [
"product"
],
"url": "http://www.microhardcorp.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2018-5480)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5480.php"
}
],
"title": "Microhard Systems IPn4G 1.1.0 Default Credentials Authentication Bypass",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25147",
"datePublished": "2025-12-24T19:27:50.490Z",
"dateReserved": "2025-12-24T14:28:02.435Z",
"dateUpdated": "2025-12-24T20:25:21.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
GHSA-2HP7-65R3-WV54
Vulnerability from github – Published: 2026-04-22 22:03 – Updated: 2026-05-13 13:30Summary
The --address CLI flag (and NORNICDB_ADDRESS / server.host config key) is plumbed through to the HTTP server correctly but never reaches the Bolt server config. The Bolt listener therefore always binds to the wildcard address (all interfaces), regardless of what the user configures.
On a LAN, this exposes the graph database — with its default admin:password credentials — to any device sharing the network.
Version
nornicdb v1.0.39- Built from commit
afe7c9donmain - Platform: macOS (darwin 25.4.0, arm64)
Reproduction
$ nornicdb serve --address 127.0.0.1 --bolt-port 7687 --http-port 7474 ...
Output claims Bolt is on localhost:
Bolt server listening on bolt://localhost:7687
But the actual socket:
$ netstat -an -p tcp | grep 7687
tcp46 0 0 *.7687 *.* LISTEN
$ lsof -iTCP:7687 -sTCP:LISTEN -n -P
nornicdb ... IPv6 ... TCP *:7687 (LISTEN)
HTTP port is correctly bound:
tcp4 127.0.0.1.7474 *.* LISTEN
Reachable from another host on the LAN:
$ nc -z 192.168.x.y 7687
Connection to 192.168.x.y port 7687 [tcp/*] succeeded!
Setting NORNICDB_BOLT_ADDRESS=127.0.0.1 or server.host: "127.0.0.1" in config.yaml has no effect on the Bolt listener.
Root Cause
In pkg/bolt/server.go:774-776:
func (s *Server) ListenAndServe() error {
addr := fmt.Sprintf(":%d", s.config.Port)
listener, err := net.Listen("tcp", addr)
...
}
bolt.Config (line 474) has no Host/Address/Addr field — only Port. The CLI flag --address is stored in a local variable in cmd/nornicdb/main.go:80 and used to format user-facing log output (line 637–644), but is never copied into boltConfig at line 600–609 when Bolt is initialized.
Since ListenAndServe calls net.Listen("tcp", ":7687") with an empty host, Go binds the wildcard socket on all interfaces.
Suggested Fix
- Add a
Host stringfield tobolt.Config(default"127.0.0.1", matching the CLI flag default). - In
cmd/nornicdb/main.goaround line 601, wire it through:go boltConfig.Host = address boltConfig.Port = boltPort - In
pkg/bolt/server.go:775, use the host:go addr := net.JoinHostPort(s.config.Host, strconv.Itoa(s.config.Port))
Security Impact
- Default
admin:passwordcredentials + wildcard binding = anyone on the same WiFi can issue arbitrary Cypher queries (read, write, delete nodes) against NornicDB instances running with default setup. - Users following the README will reasonably assume
--address 127.0.0.1(the documented default) binds both protocols to localhost. - Workaround: host-firewall rules (e.g. macOS
pf) blocking non-loopback → 7687. Not discoverable from the docs.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/orneryd/nornicdb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.42-hotfix"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-42072"
],
"database_specific": {
"cwe_ids": [
"CWE-1392"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-22T22:03:43Z",
"nvd_published_at": "2026-05-08T17:16:31Z",
"severity": "CRITICAL"
},
"details": "## Summary\n\nThe `--address` CLI flag (and `NORNICDB_ADDRESS` / `server.host` config key) is plumbed through to the HTTP server correctly but **never reaches the Bolt server config**. The Bolt listener therefore always binds to the wildcard address (all interfaces), regardless of what the user configures.\n\nOn a LAN, this exposes the graph database \u2014 with its default `admin:password` credentials \u2014 to any device sharing the network.\n\n## Version\n\n- `nornicdb v1.0.39`\n- Built from commit `afe7c9d` on `main`\n- Platform: macOS (darwin 25.4.0, arm64)\n\n## Reproduction\n\n```\n$ nornicdb serve --address 127.0.0.1 --bolt-port 7687 --http-port 7474 ...\n```\n\nOutput claims Bolt is on localhost:\n```\nBolt server listening on bolt://localhost:7687\n```\n\nBut the actual socket:\n```\n$ netstat -an -p tcp | grep 7687\ntcp46 0 0 *.7687 *.* LISTEN\n\n$ lsof -iTCP:7687 -sTCP:LISTEN -n -P\nnornicdb ... IPv6 ... TCP *:7687 (LISTEN)\n```\n\nHTTP port is correctly bound:\n```\ntcp4 127.0.0.1.7474 *.* LISTEN\n```\n\nReachable from another host on the LAN:\n```\n$ nc -z 192.168.x.y 7687\nConnection to 192.168.x.y port 7687 [tcp/*] succeeded!\n```\n\nSetting `NORNICDB_BOLT_ADDRESS=127.0.0.1` or `server.host: \"127.0.0.1\"` in `config.yaml` has **no effect** on the Bolt listener.\n\n## Root Cause\n\nIn `pkg/bolt/server.go:774-776`:\n\n```go\nfunc (s *Server) ListenAndServe() error {\n addr := fmt.Sprintf(\":%d\", s.config.Port)\n listener, err := net.Listen(\"tcp\", addr)\n ...\n}\n```\n\n`bolt.Config` (line 474) has no `Host`/`Address`/`Addr` field \u2014 only `Port`. The CLI flag `--address` is stored in a local variable in `cmd/nornicdb/main.go:80` and used to format user-facing log output (line 637\u2013644), but is never copied into `boltConfig` at line 600\u2013609 when Bolt is initialized.\n\nSince `ListenAndServe` calls `net.Listen(\"tcp\", \":7687\")` with an empty host, Go binds the wildcard socket on all interfaces.\n\n## Suggested Fix\n\n1. Add a `Host string` field to `bolt.Config` (default `\"127.0.0.1\"`, matching the CLI flag default).\n2. In `cmd/nornicdb/main.go` around line 601, wire it through:\n ```go\n boltConfig.Host = address\n boltConfig.Port = boltPort\n ```\n3. In `pkg/bolt/server.go:775`, use the host:\n ```go\n addr := net.JoinHostPort(s.config.Host, strconv.Itoa(s.config.Port))\n ```\n\n## Security Impact\n\n- Default `admin:password` credentials + wildcard binding = anyone on the same WiFi can issue arbitrary Cypher queries (read, write, delete nodes) against NornicDB instances running with default setup.\n- Users following the README will reasonably assume `--address 127.0.0.1` (the documented default) binds *both* protocols to localhost.\n- Workaround: host-firewall rules (e.g. macOS `pf`) blocking non-loopback \u2192 7687. Not discoverable from the docs.",
"id": "GHSA-2hp7-65r3-wv54",
"modified": "2026-05-13T13:30:30Z",
"published": "2026-04-22T22:03:43Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/orneryd/NornicDB/security/advisories/GHSA-2hp7-65r3-wv54"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42072"
},
{
"type": "WEB",
"url": "https://github.com/orneryd/NornicDB/commit/adce4f9a9fc7b6aada07c0bfa2d737cd7a6efaca"
},
{
"type": "PACKAGE",
"url": "https://github.com/orneryd/NornicDB"
},
{
"type": "WEB",
"url": "https://github.com/orneryd/NornicDB/releases/tag/v1.0.42"
},
{
"type": "WEB",
"url": "https://github.com/orneryd/NornicDB/releases/tag/v1.0.42-hotfix"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "NornicDB has Improper Network Binding in its Bolt Server, allowing unauthorized remote access"
}
GHSA-2QGH-37RM-MV6X
Vulnerability from github – Published: 2024-12-17 18:33 – Updated: 2024-12-17 18:33Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited, threat actors may be able to access, modify or delete data, including sensitive information such as protected health information (PHI) and personally identifiable information (PII). Exploitation of this vulnerability may allow an attacker to shut down or otherwise impact the availability of the system. Note: BD Synapsys™ Informatics Solution is only in scope of this vulnerability when installed on a NUC server. BD Synapsys™ Informatics Solution installed on a customer-provided virtual machine or on the BD Kiestra™ SCU hardware is not in scope.
{
"affected": [],
"aliases": [
"CVE-2024-10476"
],
"database_specific": {
"cwe_ids": [
"CWE-1392"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-17T16:15:23Z",
"severity": "HIGH"
},
"details": "Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited, threat actors may be able to access, modify or delete data, including sensitive information such as protected health information (PHI) and personally identifiable information (PII). Exploitation of this vulnerability may allow an attacker to shut down or otherwise impact the availability of the system. Note: BD Synapsys\u2122 Informatics\nSolution is only in scope of\nthis vulnerability when\ninstalled on a NUC server. BD Synapsys\u2122\nInformatics Solution installed\non a customer-provided virtual machine or on the BD Kiestra\u2122 SCU hardware is\nnot in scope.",
"id": "GHSA-2qgh-37rm-mv6x",
"modified": "2024-12-17T18:33:49Z",
"published": "2024-12-17T18:33:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10476"
},
{
"type": "WEB",
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-cybersecurity-vulnerability-bulletin-diagnostic-solutions-products"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-35HW-X784-33FR
Vulnerability from github – Published: 2025-09-25 15:30 – Updated: 2025-11-03 21:34iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remote attacker can authenticate to the EAM server and gain full control over monitored agents and data. This enables reading highly sensitive telemetry (including keylogger output) and issuing arbitrary actions to all connected clients.
{
"affected": [],
"aliases": [
"CVE-2025-10542"
],
"database_specific": {
"cwe_ids": [
"CWE-1392"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-25T15:16:09Z",
"severity": "CRITICAL"
},
"details": "iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client\u2019s connection dialog. If the administrator does not change these defaults, a remote attacker can authenticate to the EAM server and gain full control over monitored agents and data. This enables reading highly sensitive telemetry (including keylogger output) and issuing arbitrary actions to all connected clients.",
"id": "GHSA-35hw-x784-33fr",
"modified": "2025-11-03T21:34:35Z",
"published": "2025-09-25T15:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10542"
},
{
"type": "WEB",
"url": "https://r.sec-consult.com/imonitor"
},
{
"type": "WEB",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-imonitorsoft-eam"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Sep/72"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-37PF-3G8R-X352
Vulnerability from github – Published: 2025-03-09 09:30 – Updated: 2025-03-09 09:30A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been declared as problematic. This vulnerability affects unknown code of the component Device Registration Handler. The manipulation leads to use of default credentials. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-2119"
],
"database_specific": {
"cwe_ids": [
"CWE-1392"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-09T09:15:12Z",
"severity": "LOW"
},
"details": "A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been declared as problematic. This vulnerability affects unknown code of the component Device Registration Handler. The manipulation leads to use of default credentials. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-37pf-3g8r-x352",
"modified": "2025-03-09T09:30:48Z",
"published": "2025-03-09T09:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2119"
},
{
"type": "WEB",
"url": "https://github.com/geo-chen/Thinkware-Dashcam"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.299032"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.299032"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.507326"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
Prohibit use of default, hard-coded, or other values that do not vary for each installation of the product - especially for separate organizations.
Mitigation
Force the administrator to change the credential upon installation.
Mitigation
The product administrator could change the defaults upon installation or during operation.
No CAPEC attack patterns related to this CWE.