Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-04 | CVE-2024-3272 | Use of Hard-coded Credentials vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. | 9.8 |
| 2024-02-13 | CVE-2024-23816 | A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) (All versions < V4.3), Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) (All versions < V4.3), Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) (All versions < V4.3), Location Intelligence Perpetual Small (9DE5110-8CA11-1AX0) (All versions < V4.3), Location Intelligence SUS Large (9DE5110-8CA13-1BX0) (All versions < V4.3), Location Intelligence SUS Medium (9DE5110-8CA12-1BX0) (All versions < V4.3), Location Intelligence SUS Non-Prod (9DE5110-8CA10-1BX0) (All versions < V4.3), Location Intelligence SUS Small (9DE5110-8CA11-1BX0) (All versions < V4.3). | 9.8 |
| 2024-02-10 | CVE-2024-22313 | Use of Hard-coded Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.8 |
| 2024-02-07 | CVE-2023-38995 | Use of Hard-coded Credentials vulnerability in Schuhfried An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via crafted curl command. | 9.8 |
| 2024-02-06 | CVE-2024-22853 | Use of Hard-coded Credentials vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03 D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. | 9.8 |
| 2024-02-02 | CVE-2024-21764 | Use of Hard-coded Credentials vulnerability in Rapidscada Rapid Scada In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific port. | 9.8 |
| 2024-02-01 | CVE-2023-46706 | Use of Hard-coded Credentials vulnerability in Machinesense Feverwarn Firmware Multiple MachineSense devices have credentials unable to be changed by the user or administrator. | 9.8 |
| 2024-01-30 | CVE-2024-24324 | Use of Hard-coded Credentials vulnerability in Totolink A8000Ru Firmware 7.1Cu.643B20200521 TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root stored in /etc/shadow. | 9.8 |
| 2024-01-29 | CVE-2023-51840 | Use of Hard-coded Credentials vulnerability in Html-Js Doracms 2.1.8 DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key. | 9.8 |
| 2024-01-27 | CVE-2023-6482 | Use of Hard-coded Credentials vulnerability in Synaptics Fingerprint Driver 6.0.00.1111 Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a fingerprint into the template database. | 5.2 |