CVE-2026-42251— Hard-coded credentials in KS-SOMED
Possible ATT&CK Techniques 3AI
T1059 · Command and Scripting Interpreter T1505 · Server Software Component T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-42251
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hard-coded credentials in KS-SOMED
Source: NVD (National Vulnerability Database)
Vulnerability Description
Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a legitimate update. This issue affects KS-SOMED with modules: KSPLUPDFTP.exe up to 30.00.00.056 and ANEKSKLIENT.EXE up to 29.00.02.026 Beside removing the hard-coded credentials from the code and changing the update process, access granted by previously exposed credentials was limited to read-only.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-42251
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-42251
请登录查看更多情报信息。
Security Blog Posts for CVE-2026-42251 (1)
- 🔗 Nie znaleziono strony | CERT Polskathird-party-advisory
IV. Related Vulnerabilities
Same weakness: CWE-798
- CVE-2026-25600
Credential Exposure Vulnerability in Trac PDBM - CVE-2026-44825
Apache Solr: Enabling BasicAuth using bin/solr CLI configure - CVE-2026-42929
MacGregor Voyage Data Recorder (VDR) G4e Use of Hard-coded C - CVE-2026-7786
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 t - CVE-2026-45631
Dokploy: Pre-Auth Admin Takeover via Hardcoded Authenticatio
V. Comments for CVE-2026-42251
No comments yet