Monthly
Credential brute-force exposure in Reolink Home Hub (versions prior to v3.3.0.456_26031911) enables adjacent-network attackers to crack authentication credentials used between the Hub and its associated cameras. The netclient and factory services transmit or store credentials in a manner susceptible to brute-force attack, allowing an adversary on the same local network to intercept Hub-to-camera traffic and recover camera credentials. No public exploit or CISA KEV listing is present at time of analysis; however, the CVSS 4.0 subsequent-system impact is rated High across confidentiality, integrity, and availability, reflecting full camera compromise potential once credentials are cracked.
Predictable credential generation in ProjectsAndPrograms school-management-system allows unauthenticated remote attackers to derive valid account passwords for any student or teacher whose date of birth is known or guessable. Passwords are constructed deterministically from the user's date of birth alone (e.g., 12072000 for 12 July 2000), and the application never prompts users to change this default credential, leaving accounts permanently exposed. CVSS 4.0 rates this 6.9 with a fully network-accessible, no-authentication attack vector; no public exploit code has been identified at time of analysis, but the trivial exploitation logic requires no tooling.
Weak default credential generation in the D-Link DWR-X1820 router exposes administrative access to adjacent-network attackers who can derive the device password from its IMEI number. All devices running firmware prior to 1.00B16CP are affected when users have not changed the factory-set password - a common real-world condition for consumer-grade routers. An attacker with knowledge of the IMEI-to-password derivation algorithm and physical or logical access to the IMEI (e.g., from the device label) can authenticate to the router admin interface without prior credentials. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in CISA KEV.
Predictable secure-key generation in Slican telephone exchanges (IPx, CCT-1668, MAC-6400, and CXS-0424 series) lets a remote unauthenticated attacker reconstruct the device's secure key from exchange properties that are readable without credentials, then derive administrator credentials. The flaw is network-reachable with low attack complexity and no authentication (CVSS 4.0 base 8.7), and while fixed firmware is available for supported lines, discontinued 4.xx and earlier units remain permanently exposed. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Brute-force authentication bypass in CashDro 3 web administration panel 24.01.00.26 enables remote unauthenticated attackers to gain full administrative access. The system accepts numeric PINs without account lockout mechanisms, a legacy design from 2012 POS integrations. Successful exploitation grants access to confidential configuration settings with high impact to confidentiality and integrity (CVSS 9.3). No public exploit identified at time of analysis, though exploitation is trivial given the vulnerability class. Patch available per vendor advisory from INCIBE.
Local attackers can gain full system access to Dell PowerProtect Data Domain storage systems without authentication due to weak default credentials in DD OS versions 7.7.1.0-8.5, 8.3.1.0-8.3.1.20, and 7.13.1.0-7.13.1.50. The vulnerability allows complete system compromise (CVSS 8.4) with high confidentiality, integrity, and availability impact despite requiring local access. No active exploitation confirmed (EPSS 0.01%, not in CISA KEV), and Dell has released patches across all affected release branches. SSVC framework rates this as total technical impact but non-automatable and not currently exploited.
Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the...
Default admin credentials in OpenMQ message broker. Shipped with known default admin password.
WRC-X1500GS-B and WRC-X1500GSA-B routers contain a weak credential derivation vulnerability where initial administrative passwords can be predicted from publicly available system information, potentially allowing unauthenticated attackers to gain administrative access. The vulnerability requires physical proximity to the device to obtain necessary system details, limiting its practical exploitability. No patch is currently available for affected devices.
with the restriction that the password is only randomized if the configured date versions up to 2022. contains a security vulnerability.
Credential brute-force exposure in Reolink Home Hub (versions prior to v3.3.0.456_26031911) enables adjacent-network attackers to crack authentication credentials used between the Hub and its associated cameras. The netclient and factory services transmit or store credentials in a manner susceptible to brute-force attack, allowing an adversary on the same local network to intercept Hub-to-camera traffic and recover camera credentials. No public exploit or CISA KEV listing is present at time of analysis; however, the CVSS 4.0 subsequent-system impact is rated High across confidentiality, integrity, and availability, reflecting full camera compromise potential once credentials are cracked.
Predictable credential generation in ProjectsAndPrograms school-management-system allows unauthenticated remote attackers to derive valid account passwords for any student or teacher whose date of birth is known or guessable. Passwords are constructed deterministically from the user's date of birth alone (e.g., 12072000 for 12 July 2000), and the application never prompts users to change this default credential, leaving accounts permanently exposed. CVSS 4.0 rates this 6.9 with a fully network-accessible, no-authentication attack vector; no public exploit code has been identified at time of analysis, but the trivial exploitation logic requires no tooling.
Weak default credential generation in the D-Link DWR-X1820 router exposes administrative access to adjacent-network attackers who can derive the device password from its IMEI number. All devices running firmware prior to 1.00B16CP are affected when users have not changed the factory-set password - a common real-world condition for consumer-grade routers. An attacker with knowledge of the IMEI-to-password derivation algorithm and physical or logical access to the IMEI (e.g., from the device label) can authenticate to the router admin interface without prior credentials. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in CISA KEV.
Predictable secure-key generation in Slican telephone exchanges (IPx, CCT-1668, MAC-6400, and CXS-0424 series) lets a remote unauthenticated attacker reconstruct the device's secure key from exchange properties that are readable without credentials, then derive administrator credentials. The flaw is network-reachable with low attack complexity and no authentication (CVSS 4.0 base 8.7), and while fixed firmware is available for supported lines, discontinued 4.xx and earlier units remain permanently exposed. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Brute-force authentication bypass in CashDro 3 web administration panel 24.01.00.26 enables remote unauthenticated attackers to gain full administrative access. The system accepts numeric PINs without account lockout mechanisms, a legacy design from 2012 POS integrations. Successful exploitation grants access to confidential configuration settings with high impact to confidentiality and integrity (CVSS 9.3). No public exploit identified at time of analysis, though exploitation is trivial given the vulnerability class. Patch available per vendor advisory from INCIBE.
Local attackers can gain full system access to Dell PowerProtect Data Domain storage systems without authentication due to weak default credentials in DD OS versions 7.7.1.0-8.5, 8.3.1.0-8.3.1.20, and 7.13.1.0-7.13.1.50. The vulnerability allows complete system compromise (CVSS 8.4) with high confidentiality, integrity, and availability impact despite requiring local access. No active exploitation confirmed (EPSS 0.01%, not in CISA KEV), and Dell has released patches across all affected release branches. SSVC framework rates this as total technical impact but non-automatable and not currently exploited.
Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the...
Default admin credentials in OpenMQ message broker. Shipped with known default admin password.
WRC-X1500GS-B and WRC-X1500GSA-B routers contain a weak credential derivation vulnerability where initial administrative passwords can be predicted from publicly available system information, potentially allowing unauthenticated attackers to gain administrative access. The vulnerability requires physical proximity to the device to obtain necessary system details, limiting its practical exploitability. No patch is currently available for affected devices.
with the restriction that the password is only randomized if the configured date versions up to 2022. contains a security vulnerability.