Vulnerabilities > Use of Hard-coded Credentials

DATE CVE VULNERABILITY TITLE RISK
2023-02-11 CVE-2022-34449 Use of Hard-coded Credentials vulnerability in Dell Powerpath Management Appliance 3.2/3.3
PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability.
local
low complexity
dell CWE-798
6.0
2023-02-10 CVE-2022-45766 Use of Hard-coded Credentials vulnerability in Keystorage Global Facilities Management Software 3.0
Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes.
network
low complexity
keystorage CWE-798
critical
9.1
2023-02-09 CVE-2023-21426 Use of Hard-coded Credentials vulnerability in Samsung Android 10.0
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN.
local
low complexity
samsung CWE-798
5.5
2023-02-06 CVE-2021-36224 Use of Hard-coded Credentials vulnerability in Westerndigital MY Cloud OS
Western Digital My Cloud devices before OS5 have a nobody account with a blank password.
network
low complexity
westerndigital CWE-798
critical
9.8
2023-02-03 CVE-2023-24147 Use of Hard-coded Credentials vulnerability in Totolink Ca300-Poe Firmware 6.2C.884
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini.
network
low complexity
totolink CWE-798
7.5
2023-02-03 CVE-2023-24149 Use of Hard-coded Credentials vulnerability in Totolink Ca300-Poe Firmware 6.2C.884
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored in the component /etc/shadow.
network
low complexity
totolink CWE-798
critical
9.8
2023-02-03 CVE-2023-24155 Use of Hard-coded Credentials vulnerability in Totolink T8 Firmware V4.1.5Cu
TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is stored in the component /web_cste/cgi-bin/product.ini.
network
low complexity
totolink CWE-798
critical
9.8
2023-02-02 CVE-2022-48113 Use of Hard-coded Credentials vulnerability in Totolink N200Re-V5 Firmware 9.3.5U.6139
A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to access the telnet service via a crafted POST request.
network
low complexity
totolink CWE-798
critical
9.8
2023-02-01 CVE-2023-23132 Use of Hard-coded Credentials vulnerability in Selfwealth 3.3.1
Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure.
network
low complexity
selfwealth CWE-798
7.5
2023-01-27 CVE-2022-43978 Use of Hard-coded Credentials vulnerability in Pandorafms Pandora FMS
There is an improper authentication vulnerability in Pandora FMS v764.
network
high complexity
pandorafms CWE-798
3.7