Vulnerabilities > Insecure Default Initialization of Resource

DATE CVE VULNERABILITY TITLE RISK
2021-11-04 CVE-2021-34795 Insecure Default Initialization of Resource vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory.
network
low complexity
cisco CWE-1188
critical
9.8
2021-10-08 CVE-2021-42109 Insecure Default Initialization of Resource vulnerability in Vitec products
VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.
network
low complexity
vitec CWE-1188
critical
9.8
2021-09-17 CVE-2021-40825 Insecure Default Initialization of Resource vulnerability in Acuitybrands Nlight Eclypse System Controller Firmware
nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a default key vulnerability.
network
low complexity
acuitybrands CWE-1188
8.6
2021-08-16 CVE-2021-0114 Insecure Default Initialization of Resource vulnerability in Intel products
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
intel CWE-1188
6.7
2021-07-15 CVE-2020-12732 Insecure Default Initialization of Resource vulnerability in Depstech Wifi Digital Microscope 3 Firmware
DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678.
low complexity
depstech CWE-1188
6.5
2021-07-14 CVE-2021-0144 Insecure Default Initialization of Resource vulnerability in Intel products
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
intel CWE-1188
6.7
2021-07-01 CVE-2021-35336 Insecure Default Initialization of Resource vulnerability in Tieline IP Audtio Gateway Firmware 2.6.4.8
Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control.
network
low complexity
tieline CWE-1188
critical
9.8
2021-06-22 CVE-2021-0534 Insecure Default Initialization of Resource vulnerability in Google Android 11.0
In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast protection due to an insecure default value.
local
low complexity
google CWE-1188
7.8
2021-06-16 CVE-2021-34203 Insecure Default Initialization of Resource vulnerability in Dlink Dir-2640-Us Firmware 1.01B04
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control.
low complexity
dlink CWE-1188
8.1
2021-05-06 CVE-2021-21505 Insecure Default Initialization of Resource vulnerability in Dell EMC Integrated System for Microsoft Azure Stack HUB Firmware 1906/2011
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account.
network
low complexity
dell CWE-1188
critical
9.8