Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-30 | CVE-2016-10305 | Use of Hard-coded Credentials vulnerability in Gotrango products Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once stored in cleartext within a software update package on a Trango FTP server. | 9.8 |
| 2017-03-09 | CVE-2017-6558 | Use of Hard-coded Credentials vulnerability in Iball Ib-Wra150N Firmware 1.2.6 iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file. | 9.8 |
| 2017-03-06 | CVE-2017-6351 | Use of Hard-coded Credentials vulnerability in Wepresent Wipg-1500 Firmware 1.0.3.7 The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. | 8.1 |
| 2017-03-02 | CVE-2017-5230 | Use of Hard-coded Credentials vulnerability in Rapid7 Nexpose The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted with a static password of 'r@p1d7k3y5t0r3' which is not modifiable by the user. | 7.2 |
| 2017-03-02 | CVE-2017-6403 | Use of Hard-coded Credentials vulnerability in Veritas Netbackup and Netbackup Appliance An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. | 9.8 |
| 2017-02-13 | CVE-2017-5167 | Use of Hard-coded Credentials vulnerability in Binom3 Universal Multifunctional Electric Power Quality Meter Firmware An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. | 8.6 |
| 2017-02-13 | CVE-2016-8567 | Use of Hard-coded Credentials vulnerability in Siemens Sicam Pas/Pqs 7.0 An issue was discovered in Siemens SICAM PAS before 8.00. | 9.8 |
| 2017-02-13 | CVE-2016-8361 | Use of Hard-coded Credentials vulnerability in Lynxspring Jenesys BAS Bridge 1.1.8 An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. | 8.6 |
| 2017-02-13 | CVE-2016-5818 | Use of Hard-coded Credentials vulnerability in Schneider-Electric Powerlogic Pm8Ecc Firmware 2.651 An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. | 9.8 |
| 2017-02-08 | CVE-2016-8954 | Use of Hard-coded Credentials vulnerability in IBM Dashdb Local IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. | 9.8 |