CWE:
 

Tytuł
Data
Autor
High
SAP Wily Introscope Enterprise Default Hard-Coded Credentials
15.06.2021
Yvan Genuer
Med.
CommScope Ruckus IoT Controller 1.7.1.0 Hard-Coded API Keys Exposed
27.05.2021
Jim Becher
High
Barco wePresent Global Hardcoded Root SSH Password
21.11.2020
Jim Becher
Med.
Barco wePresent Hardcoded API Credentials
21.11.2020
Jim Becher
High
Heatmiser Netmonitor 3.03 Hardcoded Credentials
31.12.2019
Ismail Tasdelen
Med.
Fortinet FortiRecorder 2.7.3 Hardcoded Password
08.08.2019
XORcat
High
HPE VAN SDN 2.7.18.0503 Remote Root
28.06.2018
KoreLogic
High
HP Enterprise VAN SDN Controller 2.7.18.0503 Remote Root
27.06.2018
Matthew Bergin
High
Solarwinds LEM 6.3.1 Hardcoded Credentials
25.04.2017
Matt Bergin
High
Cisco Firepower Threat Management Console Hard-Coded MySQL Credentials
06.10.2016
Matt Bergin
High
AVer Information EH6108H+ Authentication Bypass / Inforation Exposure
28.09.2016
Multiple
High
Seagate GoFlex Satellite Remote Telnet Default Password
19.12.2015
Matt Bergin
High
ZTE ZXHN H108N R1A / ZXV10 W300 Traversal / Disclosure / Authorization
21.11.2015
Karn Ganeshen
High
SAP NetWeaver AS FKCDBFTRACE ABAP Hardcoded Credentials
10.09.2015
Rustem Gazizov, Diana ...
High
SAP NetWeaver AS LSCT1I13 ABAP Hardcoded Credentials
10.09.2015
Rustem Gazizov, Diana ...
High
AirLink101 SkyIPCam1620W OS Command Injection
09.07.2015
CORE
Low
SAP FI Manager Self-Service Hardcoded Username
30.07.2014
Onapsis
Med.
SAP Hard-Coded Credentials
07.06.2014
Ezequiel Gutesman
High
ZTE ZXV10 W300 router contains hardcoded credentials
09.02.2014
USCERT
Med.
Franklin Fuelings T550 Evo Access Control / Credentials
22.01.2014
Matt Jakubowski
High
TP-Link IP Cameras multiple vulnerabilities
28.05.2013
CORE
High
Zavio IP Cameras multiple vulnerabilities
28.05.2013
CORE
High
D-Link IP Cameras Injection & Bypass
30.04.2013
CORE


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2024-10-15
Waiting for details
CVE-2024-45275

Updating...
 

 
The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.

 
2024-09-30
Waiting for details
CVE-2024-8448

Updating...
 

 
Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell.

 
Waiting for details
CVE-2024-8450

Updating...
 

 
Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges.

 
2024-09-19
Waiting for details
CVE-2024-45861

Updating...
 

 
Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.

 
2024-09-12
Waiting for details
CVE-2024-28990

Updating...
 

 
SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities.

 
2024-09-10
Waiting for details
CVE-2024-39582

Updating...
 

 
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

 
2024-08-29
Waiting for details
CVE-2024-35118

Updating...
 

 
IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device.

 
2024-08-26
Waiting for details
CVE-2024-8162

Updating...
 

 
A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

 
2024-08-24
Waiting for details
CVE-2024-8135

Updating...
 

 
A vulnerability classified as critical has been found in Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310. Affected is the function Sign of the file pkg/token/token.go. The manipulation of the argument config.key leads to hard-coded credentials. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is identified as 4fb9b9e80a2beedd09d9fde4b9cf5bd510baf18f. It is recommended to apply a patch to fix this issue.

 
2024-08-21
Waiting for details
CVE-2024-28987

Updating...
 

 
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top