Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-16 | CVE-2022-37255 | Use of Hard-coded Credentials vulnerability in Tp-Link Tapo C310 Firmware 1.3.0 TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User --- and Password TPL075526460603. | 7.5 |
| 2023-04-11 | CVE-2023-22429 | Use of Hard-coded Credentials vulnerability in Wolt Delivery 4.27.2 Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials (API key for an external service), which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary. | 7.8 |
| 2023-04-04 | CVE-2023-1748 | Use of Hard-coded Credentials vulnerability in Getnexx products The listed versions of Nexx Smart Home devices use hard-coded credentials. | 10.0 |
| 2023-03-28 | CVE-2023-28654 | Use of Hard-coded Credentials vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01 Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded password that allows full access to the web management interface configuration. | 9.8 |
| 2023-03-21 | CVE-2023-0391 | Use of Hard-coded Credentials vulnerability in Mgt-Commerce Cloudpanel MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the administrative interface, shared across every installation of CloudPanel. | 8.1 |
| 2023-03-14 | CVE-2023-26511 | Use of Hard-coded Credentials vulnerability in Propius Machineselector 6.6.0/6.6.1 A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0 and 6.6.1 allows remote attackers to gain access to the admin panel Propiusadmin.php, which allows taking control of the affected system. | 9.8 |
| 2023-03-13 | CVE-2023-27583 | Use of Hard-coded Credentials vulnerability in Panindex Project Panindex PanIndex is a network disk directory index. | 9.8 |
| 2023-03-06 | CVE-2023-22344 | Use of Hard-coded Credentials vulnerability in Dos-Osaka Rakuraku PC Cloud Agent and SS1 Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to obtain the password of the debug tool and execute it. | 9.8 |
| 2023-02-23 | CVE-2023-25823 | Use of Hard-coded Credentials vulnerability in Gradio Project Gradio Gradio is an open-source Python library to build machine learning and data science demos and web applications. | 9.8 |
| 2023-02-23 | CVE-2023-26462 | Use of Hard-coded Credentials vulnerability in Thingsboard 3.4.1 ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded service credentials (usable for privilege escalation) are stored in an insecure format. | 8.1 |