Vulnerabilities > Use of Hard-coded Credentials

DATE CVE VULNERABILITY TITLE RISK
2017-07-31 CVE-2017-11743 Use of Hard-coded Credentials vulnerability in Medhost Connex
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access.
network
low complexity
medhost CWE-798
critical
9.8
2017-07-31 CVE-2017-9488 Use of Hard-coded Credentials vulnerability in Cisco Dpc3939 Firmware and Dpc3941T Firmware
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2.5s3_PROD_sey) devices allows remote attackers to access the web UI by establishing a session to the wan0 WAN IPv6 address and then entering unspecified hardcoded credentials.
low complexity
cisco CWE-798
8.8
2017-07-28 CVE-2017-11694 Use of Hard-coded Credentials vulnerability in Medhost Document Management System
MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr access.
network
low complexity
medhost CWE-798
critical
9.1
2017-07-28 CVE-2017-11693 Use of Hard-coded Credentials vulnerability in Medhost Document Management System
MEDHOST Document Management System contains hard-coded credentials that are used for customer database access.
network
low complexity
medhost CWE-798
critical
9.1
2017-07-25 CVE-2017-11614 Use of Hard-coded Credentials vulnerability in Medhost Connex
MEDHOST Connex contains hard-coded credentials that are used for customer database access.
network
low complexity
medhost CWE-798
critical
9.8
2017-07-22 CVE-2017-7336 Use of Hard-coded Credentials vulnerability in Fortinet Fortiwlm 8.2.2/8.2.4/8.3.0
A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges.
network
low complexity
fortinet CWE-798
critical
9.8
2017-07-22 CVE-2017-3222 Use of Hard-coded Credentials vulnerability in Inmarsat Amosconnect
Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.
network
low complexity
inmarsat CWE-798
critical
9.8
2017-07-21 CVE-2017-9932 Use of Hard-coded Credentials vulnerability in Greenpacket Dx-350 Firmware 2.8.9.5G1.4.8Atheeb
Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account.
network
low complexity
greenpacket CWE-798
critical
9.8
2017-07-19 CVE-2017-11436 Use of Hard-coded Credentials vulnerability in Dlink Dir-615 20.12Ptb01
D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection.
network
low complexity
dlink CWE-798
critical
9.8
2017-07-17 CVE-2017-8011 Use of Hard-coded Credentials vulnerability in Dell products
EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components.
network
low complexity
dell CWE-798
critical
9.8