CWE:
 

Topic
Date
Author
Med.
CommScope Ruckus IoT Controller 1.7.1.0 Hard-Coded Web Application Administrator Password
27.05.2021
Jim Becher
Low
Barracuda WAF V360 Firmware 8.0.1.014 Grub Password Complexity
07.07.2017
Matt Bergin
High
SAP Hybris E-commerce Suite 5.1.0.3 Hard-Coded Password
17.08.2016
Aleksey Tyurin
High
Lorex ECO DVR Backdoor Account
01.06.2016
Andrew Hofmans
High
LIXIL Satis Toilet Hard-Coded Bluetooth PIN
02.08.2013
Daniel Crowley


CVEMAP Search Results

CVE
Details
Description
2024-07-08
Waiting for details
CVE-2023-46685

Updating...
 

 
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A set of specially crafted network packets can lead to arbitrary command execution.

 
2024-07-02
Waiting for details
CVE-2024-4708

Updating...
 

 
mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code on the affected device.

 
2024-05-15
Waiting for details
CVE-2024-33625

Updating...
 

 
CyberPower PowerPanel business application code contains a hard-coded JWT signing key. This could result in an attacker forging JWT tokens to bypass authentication.

 
Waiting for details
CVE-2024-34025

Updating...
 

 
CyberPower PowerPanel business application code contains a hard-coded set of authentication credentials. This could result in an attacker bypassing authentication and gaining administrator privileges.

 
2024-05-14
Waiting for details
CVE-2024-32741

Updating...
 

 
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains hard coded password which is used for the privileged system user `root` and for the boot loader `GRUB` by default . An attacker who manages to crack the password hash gains root access to the device.

 
2024-05-01
Waiting for details
CVE-2024-29011

Updating...
 

 
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability. This issue affects GMS: 9.3.4 and earlier versions.

 
2024-03-18
Waiting for details
CVE-2024-27774

Updating...
 

 
Unitronics Unistream Unilogic �?? Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware

 
2024-01-08
Waiting for details
CVE-2023-50948

Updating...
 

 
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671.

 
2023-09-27
Waiting for details
CVE-2023-5222

Updating...
 

 
A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. This vulnerability affects the function isValidUser of the file /cgi-bin/vitogate.cgi of the component Web Management Interface. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240364. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

 
2023-06-14
Waiting for details
CVE-2023-3237

Updating...
 

 
A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects unknown code. The manipulation of the argument username/password with the input admin leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231508.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top