Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-03 | CVE-2018-10167 | Use of Hard-coded Credentials vulnerability in Tp-Link EAP Controller 2.5.4/2.6.0 The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. | 7.5 |
| 2018-05-02 | CVE-2018-6401 | Use of Hard-coded Credentials vulnerability in Meross Mss110 Firmware 1.1.24 Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an undocumented admin account with a blank password. | 9.8 |
| 2018-05-01 | CVE-2017-14014 | Use of Hard-coded Credentials vulnerability in Bostonscientific Zoom Latitude PRM 3120 Firmware Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI prior to having it transferred to removable media. | 4.6 |
| 2018-04-30 | CVE-2018-10575 | Use of Hard-coded Credentials vulnerability in Watchguard Ap100 Firmware, Ap102 Firmware and Ap200 Firmware An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. | 9.8 |
| 2018-04-24 | CVE-2017-9656 | Use of Hard-coded Credentials vulnerability in Philips Dosewise 1.1.7.333/2.1.1.3069 The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. | 9.1 |
| 2018-04-24 | CVE-2018-10328 | Use of Hard-coded Credentials vulnerability in Momentum Axel 720P Firmware 5.1.8 Momentum Axel 720P 5.1.8 devices have a hardcoded password of streaming for the appagent account, which allows remote attackers to view the RTSP video stream. | 7.4 |
| 2018-04-18 | CVE-2018-7241 | Use of Hard-coded Credentials vulnerability in Schneider-Electric products Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. | 9.8 |
| 2018-04-05 | CVE-2014-3413 | Use of Hard-coded Credentials vulnerability in Juniper Junos Space 13.3 The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access. | 9.8 |
| 2018-04-02 | CVE-2016-8717 | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 9.8 |
| 2018-04-01 | CVE-2018-9149 | Use of Hard-coded Credentials vulnerability in Zyxel Ac3000 Firmware The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a suitable mechanism to protect the UART. | 6.8 |