Vulnerabilities > Use of Hard-coded Credentials
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-25 | CVE-2022-29830 | Use of Hard-coded Credentials vulnerability in Mitsubishielectric GX Works3 Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Motion Control Setting(GX Works3 related software) versions from 1.000A and later allows a remote unauthenticated attacker to disclose or tamper with sensitive information. | 9.1 |
2022-11-25 | CVE-2022-29831 | Use of Hard-coded Credentials vulnerability in Mitsubishielectric GX Works3 Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions from 1.015R to 1.095Z allows a remote unauthenticated attacker to obtain information about the project file for MELSEC safety CPU modules. | 7.5 |
2022-11-22 | CVE-2022-40602 | Use of Hard-coded Credentials vulnerability in Zyxel Lte3301-M209 Firmware 1.00(Ablg.2)C0/1.00(Ablg.4)C0 A flaw in the Zyxel LTE3301-M209 firmware verisons prior to V1.00(ABLG.6)C0 could allow a remote attacker to access the device using an improper pre-configured password if the remote administration feature has been enabled by an authenticated administrator. | 9.8 |
2022-11-07 | CVE-2022-37710 | Use of Hard-coded Credentials vulnerability in Pattersondental Eaglesoft 21.0 Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: (1) keybackup.data > License > Encryption Key or (2) Eaglesoft.Server.Configuration.data > DbEncryptKeyPrimary > Encryption Key. | 7.8 |
2022-11-04 | CVE-2022-40263 | Use of Hard-coded Credentials vulnerability in BD Totalys Multiprocessor Firmware 1.70 BD Totalys MultiProcessor, versions 1.70 and earlier, contain hardcoded credentials. | 7.8 |
2022-11-04 | CVE-2022-20868 | Use of Hard-coded Credentials vulnerability in Cisco Asyncos A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. | 8.8 |
2022-11-02 | CVE-2022-26119 | Use of Hard-coded Credentials vulnerability in Fortinet Fortisiem A improper authentication vulnerability in Fortinet FortiSIEM before 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password. | 7.8 |
2022-10-24 | CVE-2021-4228 | Use of Hard-coded Credentials vulnerability in Lannerinc Iac-Ast2500 Firmware 1.00.0 Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. | 7.4 |
2022-10-24 | CVE-2022-38117 | Use of Hard-coded Credentials vulnerability in Juiker 4.6.0311.1 Juiker app hard-coded its AES key in the source code. | 6.1 |
2022-10-20 | CVE-2022-42176 | Use of Hard-coded Credentials vulnerability in Pctechsoft Pcsecure 5.0.8.Xw In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access. | 7.8 |