Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-13 | CVE-2016-5818 | Use of Hard-coded Credentials vulnerability in Schneider-Electric Powerlogic Pm8Ecc Firmware 2.651 An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. | 9.8 |
| 2017-02-08 | CVE-2016-8954 | Use of Hard-coded Credentials vulnerability in IBM Dashdb Local IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. | 9.8 |
| 2017-02-02 | CVE-2017-5600 | Use of Hard-coded Credentials vulnerability in Netapp Oncommand Insight The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to obtain administrative access by leveraging a default privileged account. | 9.8 |
| 2017-02-01 | CVE-2016-8491 | Use of Hard-coded Credentials vulnerability in Fortinet Fortiwlc The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell. | 9.1 |
| 2017-01-30 | CVE-2016-10179 | Use of Hard-coded Credentials vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 7.5 |
| 2017-01-30 | CVE-2016-10177 | Use of Hard-coded Credentials vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 9.8 |
| 2017-01-09 | CVE-2016-10125 | Use of Hard-coded Credentials vulnerability in Dlink Dgs-1100 Firmware 1.01.018 D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session. | 8.1 |
| 2017-01-06 | CVE-2015-2867 | Use of Hard-coded Credentials vulnerability in Trane Comfortlink II Firmware 2.0.2 A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system. | 9.8 |
| 2017-01-04 | CVE-2016-10115 | Use of Hard-coded Credentials vulnerability in Netgear products NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration. | 9.8 |
| 2016-12-14 | CVE-2016-3685 | Use of Hard-coded Credentials vulnerability in SAP Download Manager 1.1.3.0/2.1.142 SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of a hardcoded key in the program code and a computer BIOS serial number, aka SAP Security Note 2282338. | 4.7 |