Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-23 | CVE-2014-3205 | Use of Hard-coded Credentials vulnerability in Seagate products backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@##$$%FREDESWWSED' for a backdoor user. | 9.8 |
| 2018-02-20 | CVE-2015-9254 | Use of Hard-coded Credentials vulnerability in Datto products Datto ALTO and SIRIS devices have a default VNC password. | 9.8 |
| 2018-02-15 | CVE-2017-12726 | Use of Hard-coded Credentials vulnerability in Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1/1.5/1.6 A Use of Hard-coded Password issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. | 7.3 |
| 2018-02-15 | CVE-2017-12725 | Use of Hard-coded Credentials vulnerability in Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1/1.5/1.6 A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. | 5.6 |
| 2018-02-15 | CVE-2017-12724 | Use of Hard-coded Credentials vulnerability in Smiths-Medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1/1.5/1.6 A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. | 8.1 |
| 2018-02-12 | CVE-2018-1214 | Use of Hard-coded Credentials vulnerability in Dell EMC Supportassist Enterprise 1.1 Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process. | 7.0 |
| 2018-02-09 | CVE-2018-6825 | Use of Hard-coded Credentials vulnerability in Omninova Vobot Firmware An issue was discovered on VOBOT CLOCK before 0.99.30 devices. | 9.8 |
| 2018-02-08 | CVE-2012-2166 | Use of Hard-coded Credentials vulnerability in IBM products IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and 2812-114 devices before level 11.1.1 have hardcoded passwords for unspecified accounts, which allows remote attackers to gain user access via unknown vectors. | 9.8 |
| 2018-02-06 | CVE-2016-3953 | Use of Hard-coded Credentials vulnerability in Web2Py The sample web application in web2py before 2.14.2 might allow remote attackers to execute arbitrary code via vectors involving use of a hardcoded encryption key when calling the session.connect function. | 9.8 |
| 2018-02-05 | CVE-2018-5797 | Use of Hard-coded Credentials vulnerability in Extremenetworks Extremewireless Wing An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. | 7.5 |