Vulnerabilities > Use of Hard-coded Credentials

DATE CVE VULNERABILITY TITLE RISK
2023-08-04 CVE-2023-33372 Use of Hard-coded Credentials vulnerability in Connectedio Connected IO
Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT.
network
low complexity
connectedio CWE-798
critical
9.8
2023-08-03 CVE-2023-33371 Use of Hard-coded Credentials vulnerability in Assaabloy Control ID Idsecure 4.7.26.0
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication.
network
low complexity
assaabloy CWE-798
critical
9.8
2023-07-30 CVE-2023-32227 Use of Hard-coded Credentials vulnerability in Synel Synergy/A Firmware
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials
network
low complexity
synel CWE-798
critical
9.8
2023-07-30 CVE-2023-37215 Use of Hard-coded Credentials vulnerability in JBL BAR 5.1 Surround Firmware
JBL soundbar multibeam 5.1 - CWE-798: Use of Hard-coded Credentials
network
low complexity
jbl CWE-798
critical
9.8
2023-07-27 CVE-2023-33744 Use of Hard-coded Credentials vulnerability in Teleadapt Roomcast Ta-2400 Firmware 1.0/3.1
TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN): 385521, 843646, and 592671.
network
low complexity
teleadapt CWE-798
critical
9.8
2023-07-26 CVE-2023-38433 Use of Hard-coded Credentials vulnerability in Fujitsu products
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission.
network
low complexity
fujitsu CWE-798
7.5
2023-07-18 CVE-2023-35763 Use of Hard-coded Credentials vulnerability in Iagona Scrutisweb 2.1.37
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that could allow an unauthenticated user to decrypt encrypted passwords into plaintext.
local
low complexity
iagona CWE-798
5.5
2023-07-13 CVE-2023-34123 Use of Hard-coded Credentials vulnerability in Sonicwall Analytics and Global Management System
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics.
network
low complexity
sonicwall CWE-798
7.5
2023-07-05 CVE-2023-36623 Use of Hard-coded Credentials vulnerability in Loxone Miniserver GO GEN 2 Firmware 14.1.5.9
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address.
local
low complexity
loxone CWE-798
7.8
2023-07-05 CVE-2023-34338 Use of Hard-coded Credentials vulnerability in AMI Megarac Sp-X 12/13
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate.
network
low complexity
ami CWE-798
critical
9.8