Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-19 | CVE-2017-11436 | Use of Hard-coded Credentials vulnerability in Dlink Dir-615 20.12Ptb01 D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection. | 9.8 |
| 2017-07-17 | CVE-2017-8011 | Use of Hard-coded Credentials vulnerability in Dell products EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. | 9.8 |
| 2017-07-17 | CVE-2017-2343 | Use of Hard-coded Credentials vulnerability in Juniper Junos 12.3X48/15.1X49 The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices. | 9.8 |
| 2017-07-09 | CVE-2017-4976 | Use of Hard-coded Credentials vulnerability in EMC Esrs Policy Manager 6.7 EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a default password. | 9.8 |
| 2017-07-07 | CVE-2017-2236 | Use of Hard-coded Credentials vulnerability in Toshiba Hem-Gw16A Firmware and Hem-Gw26A Firmware Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier uses hard-coded credentials, which may allow attackers to perform operations on device with administrative privileges. | 9.8 |
| 2017-06-30 | CVE-2017-6022 | Use of Hard-coded Credentials vulnerability in BD KLA Journal Service and Performa A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. | 9.8 |
| 2017-06-30 | CVE-2016-9358 | Use of Hard-coded Credentials vulnerability in Marel products A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520, P574, SensorX13 QC flow line, SensorX23 QC Master, SensorX23 QC Slave, Speed Batcher, T374, T377, V36, V36B, and V36C; M3210 terminal associated with the same systems as the M3000 terminal identified above; M3000 desktop software associated with the same systems as the M3000 terminal identified above; MAC4 controller associated with the same systems as the M3000 terminal identified above; SensorX23 X-ray machine; SensorX25 X-ray machine; and MWS2 weighing system. | 9.8 |
| 2017-06-21 | CVE-2016-8731 | Use of Hard-coded Credentials vulnerability in Foscam C1 Webcam Firmware 1.9.1.12 Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. | 9.8 |
| 2017-06-06 | CVE-2016-0726 | Use of Hard-coded Credentials vulnerability in Nagios The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials. | 9.8 |
| 2017-06-02 | CVE-2017-6039 | Use of Hard-coded Credentials vulnerability in Phoenixbroadband Poweragent SC3 BMS Firmware 6.86 A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all versions prior to v6.87. | 5.3 |