Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-23 | CVE-2017-6131 | Use of Hard-coded Credentials vulnerability in F5 products In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. | 9.8 |
| 2017-05-21 | CVE-2017-9132 | Use of Hard-coded Credentials vulnerability in Mimosa Backhaul Radios and Client Radios A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. | 7.5 |
| 2017-05-06 | CVE-2017-7927 | Use of Hard-coded Credentials vulnerability in Dahuasecurity products A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. | 7.3 |
| 2017-04-26 | CVE-2017-6054 | Use of Hard-coded Credentials vulnerability in Hyundaiusa Blue Link 3.9.4/3.9.5 A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. | 7.5 |
| 2017-04-25 | CVE-2017-8224 | Use of Hard-coded Credentials vulnerability in Wificam Wireless IP Camera (P2P) Firmware Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET. | 9.8 |
| 2017-04-24 | CVE-2015-7246 | Use of Hard-coded Credentials vulnerability in D-Link Dvg-N5402Sp Firmware W1000Cn00/W1000Cn03/W2000En00 D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access. | 9.8 |
| 2017-04-23 | CVE-2017-8077 | Use of Hard-coded Credentials vulnerability in Tp-Link Tl-Sg108E Firmware 1.1.2 On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). | 7.5 |
| 2017-04-21 | CVE-2016-1560 | Use of Hard-coded Credentials vulnerability in Exagrid products ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session. | 9.8 |
| 2017-04-11 | CVE-2017-7462 | Use of Hard-coded Credentials vulnerability in Intellinet-Network Nfc-30Ir Firmware Lm.1.6.16.05 Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory. | 9.8 |
| 2017-04-10 | CVE-2017-7648 | Use of Hard-coded Credentials vulnerability in Foscam products Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | 8.1 |