CVE-2020-14068
An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executar_login.php.
Source: CVE-2020-14068
[월:] 2020년 06월
CVE-2020-15320
CVE-2020-15320
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account.
Source: CVE-2020-15320
CVE-2020-15316
CVE-2020-15316
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree.
Source: CVE-2020-15316
CVE-2020-15322
CVE-2020-15322
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account.
Source: CVE-2020-15322
CVE-2020-15323
CVE-2020-15323
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials.
Source: CVE-2020-15323
CVE-2020-15324
CVE-2020-15324
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials.
Source: CVE-2020-15324
CVE-2020-15317
CVE-2020-15317
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree.
Source: CVE-2020-15317
CVE-2020-15319
CVE-2020-15319
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree.
Source: CVE-2020-15319
CVE-2020-15318
CVE-2020-15318
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree.
Source: CVE-2020-15318
CVE-2020-15321
CVE-2020-15321
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account.
Source: CVE-2020-15321