Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-23 | CVE-2017-8077 | Use of Hard-coded Credentials vulnerability in Tp-Link Tl-Sg108E Firmware 1.1.2 On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). | 7.5 |
| 2017-04-21 | CVE-2016-1560 | Use of Hard-coded Credentials vulnerability in Exagrid products ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session. | 9.8 |
| 2017-04-11 | CVE-2017-7462 | Use of Hard-coded Credentials vulnerability in Intellinet-Network Nfc-30Ir Firmware Lm.1.6.16.05 Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory. | 9.8 |
| 2017-04-10 | CVE-2017-7648 | Use of Hard-coded Credentials vulnerability in Foscam products Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | 8.1 |
| 2017-04-10 | CVE-2015-2887 | Use of Hard-coded Credentials vulnerability in Ibaby M3S Baby Monitor Firmware iBaby M3S has a password of admin for the backdoor admin account. | 9.8 |
| 2017-04-10 | CVE-2015-2885 | Use of Hard-coded Credentials vulnerability in Lens Laboratories Peek-A-View Firmware Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account. | 9.8 |
| 2017-04-10 | CVE-2015-2882 | Use of Hard-coded Credentials vulnerability in Philips In.Sight B12037 Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a password of M100-4674448 for the backdoor admin account. | 9.8 |
| 2017-04-10 | CVE-2015-2881 | Use of Hard-coded Credentials vulnerability in Gynoii Gcw-1010, Gcw-1020 and Gpw-1025 Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account. | 9.8 |
| 2017-04-06 | CVE-2017-7576 | Use of Hard-coded Credentials vulnerability in Dragonwavex Horizon Wireless Radio Firmware 1.01.03 DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. | 9.8 |
| 2017-04-06 | CVE-2017-7574 | Use of Hard-coded Credentials vulnerability in Schneider-Electric Modicon Tm221Ce16R Firmware and Somachine Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. | 9.8 |