Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-13 | CVE-2017-14422 | Use of Hard-coded Credentials vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 7.5 |
| 2017-09-13 | CVE-2017-14421 | Use of Hard-coded Credentials vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 9.8 |
| 2017-09-13 | CVE-2017-11351 | Use of Hard-coded Credentials vulnerability in Axesstel Mu553S Firmware Mu553Sv1.14 Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account. | 9.8 |
| 2017-09-03 | CVE-2017-14116 | Use of Hard-coded Credentials vulnerability in ATT U-Verse Firmware 9.2.2H0D83 The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote attackers to obtain root privileges by establishing a session on port 49955 and then installing new software, such as BusyBox with "nc -l" support. | 8.1 |
| 2017-09-03 | CVE-2017-14115 | Use of Hard-coded Credentials vulnerability in ATT U-Verse Firmware 9.2.2H0D83 The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures ssh-permanent-enable WAN SSH logins to the remotessh account with the 5SaP9I26 password, which allows remote attackers to access a "Terminal shell v1.0" service, and subsequently obtain unrestricted root privileges, by establishing an SSH session and then entering certain shell metacharacters and BusyBox commands. | 8.1 |
| 2017-08-28 | CVE-2014-8426 | Use of Hard-coded Credentials vulnerability in Barracuda Load Balancer 5.0.0.015 Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015. | 9.8 |
| 2017-08-25 | CVE-2017-12709 | Use of Hard-coded Credentials vulnerability in Westermo products A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. | 5.3 |
| 2017-08-25 | CVE-2016-5816 | Use of Hard-coded Credentials vulnerability in Westermo products A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. | 7.5 |
| 2017-08-05 | CVE-2017-9852 | Use of Hard-coded Credentials vulnerability in SMA products An Incorrect Password Management issue was discovered in SMA Solar Technology products. | 9.8 |
| 2017-08-04 | CVE-2017-10818 | Use of Hard-coded Credentials vulnerability in Intercom Malion 5.2.1 MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an attacker to alter the connection settings of Terminal Agent and spoof the Relay Service. | 9.8 |