Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-9486 | Use of Hard-coded Credentials vulnerability in Kubernetes Image Builder A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process. | 9.8 |
| 2024-10-15 | CVE-2024-9594 | Use of Hard-coded Credentials vulnerability in Kubernetes Image Builder A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. | 8.1 |
| 2024-10-15 | CVE-2024-45275 | Use of Hard-coded Credentials vulnerability in multiple products The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices. | 9.8 |
| 2024-09-30 | CVE-2024-8448 | Use of Hard-coded Credentials vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell. | 8.8 |
| 2024-09-30 | CVE-2024-8449 | Use of Hard-coded Credentials vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password. | 6.8 |
| 2024-09-30 | CVE-2024-8450 | Use of Hard-coded Credentials vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges. | 9.8 |
| 2024-09-28 | CVE-2024-23958 | Use of Hard-coded Credentials vulnerability in Autel Maxicharger AC Elite Business C50 Firmware 1.32.00 Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. | 8.8 |
| 2024-09-25 | CVE-2024-43423 | Use of Hard-coded Credentials vulnerability in Doverfuelingsolutions products The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed. | 9.8 |
| 2024-09-19 | CVE-2023-27584 | Use of Hard-coded Credentials vulnerability in D7Y Dragonfly Dragonfly is an open source P2P-based file distribution and image acceleration system. | 9.8 |
| 2024-09-19 | CVE-2024-45861 | Use of Hard-coded Credentials vulnerability in Kastle Access Control System Firmware Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information. | 7.5 |