Monthly
Redeight CMS 1.0 stores user passwords using unsalted MD5 hashes, enabling any attacker who obtains the credential database to recover plaintext passwords nearly instantaneously via precomputed rainbow tables. All stored credentials are effectively exposed upon database compromise, since MD5 is cryptographically broken and the absence of per-user salts eliminates hash uniqueness across identical passwords. No public exploit code or confirmed active exploitation has been identified at time of analysis, but the cracking technique is trivially automated and requires no specialized skill.
Weak password encoding in Dell Client Platform BIOS (CWE-261) exposes BIOS credentials to recovery by a physically present unauthenticated attacker, enabling privilege escalation through unauthorized BIOS access. Affected hardware spans ruggedized Latitude field devices, Precision workstation towers and racks, and Edge/Embedded Gateway platforms - product categories frequently deployed in physically accessible or unattended environments. No public exploit code exists and no active exploitation has been identified at time of analysis, but the combination of credential recoverability and high-confidentiality/high-integrity CVSS impact makes patching a priority for organizations managing assets in low-physical-security locations.
Weak password encoding in STER (all versions before 9.5) exposes stored credentials to local reverse-engineering by any low-privileged user on the system. The root cause (CWE-261) is use of a reversible or insufficiently one-way encoding scheme rather than a cryptographically strong hashing algorithm, enabling an attacker who can observe encoded password data to deduce plaintext values by analyzing patterns across known-value samples. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog; however, the high confidentiality impact (VC:H in CVSS 4.0) confirms that successful exploitation fully exposes affected credentials. The issue was reported by CERT-PL and fixed by CIOP-PIB in version 9.5.
An authentication bypass vulnerability in Tinycontrol network devices (tcPDU and LAN Controllers LK3.5, LK3.9, LK4) exposes usernames and encoded passwords for both normal and admin users through unauthenticated HTTP requests to the login page. The vulnerability affects devices running older firmware versions when the secondary authentication mechanism is disabled (default setting), allowing any attacker on the local network to harvest credentials without authentication. With an EPSS score of 0.00043 and no KEV listing, this vulnerability shows low real-world exploitation activity despite its high CVSS score of 8.7.
Use of a custom token encoding algorithm in Streamsoft Prestiż software allows the value of the KSeF (Krajowy System e-Faktur) token to be guessed after analyzing how tokens with know values are encoded. This issue was fixed in version 20.0.380.92.
A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. [CVSS 5.3 MEDIUM]
An attacker with access to the project file could use the exposed credentials to impersonate users, escalate privileges, or gain unauthorized access to systems and services. [CVSS 6.1 MEDIUM]
The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher, an attacker could intercept the web request handling the login and obtain the credentials
The credentials required to access the device's web server are sent in base64 within the HTTP headers. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Weak encoding for password vulnerability exists in HMI ViewJet C-more series. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
Redeight CMS 1.0 stores user passwords using unsalted MD5 hashes, enabling any attacker who obtains the credential database to recover plaintext passwords nearly instantaneously via precomputed rainbow tables. All stored credentials are effectively exposed upon database compromise, since MD5 is cryptographically broken and the absence of per-user salts eliminates hash uniqueness across identical passwords. No public exploit code or confirmed active exploitation has been identified at time of analysis, but the cracking technique is trivially automated and requires no specialized skill.
Weak password encoding in Dell Client Platform BIOS (CWE-261) exposes BIOS credentials to recovery by a physically present unauthenticated attacker, enabling privilege escalation through unauthorized BIOS access. Affected hardware spans ruggedized Latitude field devices, Precision workstation towers and racks, and Edge/Embedded Gateway platforms - product categories frequently deployed in physically accessible or unattended environments. No public exploit code exists and no active exploitation has been identified at time of analysis, but the combination of credential recoverability and high-confidentiality/high-integrity CVSS impact makes patching a priority for organizations managing assets in low-physical-security locations.
Weak password encoding in STER (all versions before 9.5) exposes stored credentials to local reverse-engineering by any low-privileged user on the system. The root cause (CWE-261) is use of a reversible or insufficiently one-way encoding scheme rather than a cryptographically strong hashing algorithm, enabling an attacker who can observe encoded password data to deduce plaintext values by analyzing patterns across known-value samples. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog; however, the high confidentiality impact (VC:H in CVSS 4.0) confirms that successful exploitation fully exposes affected credentials. The issue was reported by CERT-PL and fixed by CIOP-PIB in version 9.5.
An authentication bypass vulnerability in Tinycontrol network devices (tcPDU and LAN Controllers LK3.5, LK3.9, LK4) exposes usernames and encoded passwords for both normal and admin users through unauthenticated HTTP requests to the login page. The vulnerability affects devices running older firmware versions when the secondary authentication mechanism is disabled (default setting), allowing any attacker on the local network to harvest credentials without authentication. With an EPSS score of 0.00043 and no KEV listing, this vulnerability shows low real-world exploitation activity despite its high CVSS score of 8.7.
Use of a custom token encoding algorithm in Streamsoft Prestiż software allows the value of the KSeF (Krajowy System e-Faktur) token to be guessed after analyzing how tokens with know values are encoded. This issue was fixed in version 20.0.380.92.
A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. [CVSS 5.3 MEDIUM]
An attacker with access to the project file could use the exposed credentials to impersonate users, escalate privileges, or gain unauthorized access to systems and services. [CVSS 6.1 MEDIUM]
The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher, an attacker could intercept the web request handling the login and obtain the credentials
The credentials required to access the device's web server are sent in base64 within the HTTP headers. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Weak encoding for password vulnerability exists in HMI ViewJet C-more series. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.