Vulnerabilities > Insecure Default Initialization of Resource

DATE CVE VULNERABILITY TITLE RISK
2022-03-24 CVE-2022-25568 Insecure Default Initialization of Resource vulnerability in Motioneye Project Motioneye
MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to /config/list.
network
low complexity
motioneye-project CWE-1188
7.5
2021-12-07 CVE-2021-38759 Insecure Default Initialization of Resource vulnerability in Raspberrypi Raspberry PI OS Lite 5.10
Raspberry Pi OS through 5.10 has the raspberry default password for the pi account.
network
low complexity
raspberrypi CWE-1188
critical
10.0
2021-11-24 CVE-2021-41192 Insecure Default Initialization of Resource vulnerability in Redash
Redash is a package for data visualization and sharing.
network
redash CWE-1188
3.5
2021-11-18 CVE-2021-35535 Insecure Default Initialization of Resource vulnerability in Hitachi products
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product.
network
hitachi CWE-1188
6.8
2021-11-04 CVE-2021-34795 Insecure Default Initialization of Resource vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory.
network
low complexity
cisco CWE-1188
critical
9.8
2021-10-08 CVE-2021-42109 Insecure Default Initialization of Resource vulnerability in Vitec products
VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.
network
low complexity
vitec CWE-1188
critical
10.0
2021-09-17 CVE-2021-40825 Insecure Default Initialization of Resource vulnerability in Acuitybrands Nlight Eclypse System Controller Firmware
nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a default key vulnerability.
network
low complexity
acuitybrands CWE-1188
5.0
2021-08-16 CVE-2021-0114 Insecure Default Initialization of Resource vulnerability in Intel products
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
intel CWE-1188
7.2
2021-07-19 CVE-2021-35965 Insecure Default Initialization of Resource vulnerability in Learningdigital Orca HCM
The Orca HCM digital learning platform uses a weak factory default administrator password, which is hard-coded in the source code of the webpage in plain text, thus remote attackers can obtain administrator’s privilege without logging in.
network
low complexity
learningdigital CWE-1188
critical
9.8
2021-07-15 CVE-2020-12732 Insecure Default Initialization of Resource vulnerability in Depstech Wifi Digital Microscope 3 Firmware
DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678.
low complexity
depstech CWE-1188
3.3