CVE-2024-38885
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker t
CVSS
7.5
High
EPSS
0.5%
p41
KEV
—
Exploit Today
12
0-100
Published: Aug 2, 2024 · Last modified: Jul 5, 2026 · CWE-259
0.5%EPSS · 30 days0.6%
2026-06-302026-07-17
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2024-353958.8 HIG35.5%
——11TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.9dCVE-2026-220558.8 HIG14.6%
——4Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations.18dCVE-2026-220548.8 HIG14.6%
——4Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations.18d