Vulnerabilities > Use of Hard-coded Credentials

DATE CVE VULNERABILITY TITLE RISK
2023-03-28 CVE-2023-28654 Use of Hard-coded Credentials vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01
Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded password that allows full access to the web management interface configuration.
network
low complexity
propumpservice CWE-798
critical
9.8
2023-03-21 CVE-2023-0391 Use of Hard-coded Credentials vulnerability in Mgt-Commerce Cloudpanel
MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the administrative interface, shared across every installation of CloudPanel.
network
high complexity
mgt-commerce CWE-798
8.1
2023-03-14 CVE-2023-26511 Use of Hard-coded Credentials vulnerability in Propius Machineselector 6.6.0/6.6.1
A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0 and 6.6.1 allows remote attackers to gain access to the admin panel Propiusadmin.php, which allows taking control of the affected system.
network
low complexity
propius CWE-798
critical
9.8
2023-03-13 CVE-2023-27583 Use of Hard-coded Credentials vulnerability in Panindex Project Panindex
PanIndex is a network disk directory index.
network
low complexity
panindex-project CWE-798
critical
9.8
2023-03-06 CVE-2023-22344 Use of Hard-coded Credentials vulnerability in Dos-Osaka Rakuraku PC Cloud Agent and SS1
Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to obtain the password of the debug tool and execute it.
network
low complexity
dos-osaka CWE-798
critical
9.8
2023-02-23 CVE-2023-25823 Use of Hard-coded Credentials vulnerability in Gradio Project Gradio
Gradio is an open-source Python library to build machine learning and data science demos and web applications.
network
low complexity
gradio-project CWE-798
critical
9.8
2023-02-23 CVE-2023-26462 Use of Hard-coded Credentials vulnerability in Thingsboard 3.4.1
ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded service credentials (usable for privilege escalation) are stored in an insecure format.
network
high complexity
thingsboard CWE-798
8.1
2023-02-21 CVE-2022-46637 Use of Hard-coded Credentials vulnerability in Prolink2U Prs1841 Firmware UV2
Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services.
network
low complexity
prolink2u CWE-798
critical
9.8
2023-02-13 CVE-2023-0808 Use of Hard-coded Credentials vulnerability in multiple products
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471.
6.8
2023-02-11 CVE-2022-34386 Use of Hard-coded Credentials vulnerability in Dell products
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability.
local
low complexity
dell CWE-798
5.5