Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-06 | CVE-2021-36224 | Use of Hard-coded Credentials vulnerability in Westerndigital MY Cloud OS Western Digital My Cloud devices before OS5 have a nobody account with a blank password. | 9.8 |
| 2023-02-03 | CVE-2023-24147 | Use of Hard-coded Credentials vulnerability in Totolink Ca300-Poe Firmware 6.2C.884 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini. | 7.5 |
| 2023-02-03 | CVE-2023-24149 | Use of Hard-coded Credentials vulnerability in Totolink Ca300-Poe Firmware 6.2C.884 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored in the component /etc/shadow. | 9.8 |
| 2023-02-03 | CVE-2023-24155 | Use of Hard-coded Credentials vulnerability in Totolink T8 Firmware V4.1.5Cu TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is stored in the component /web_cste/cgi-bin/product.ini. | 9.8 |
| 2023-02-02 | CVE-2022-48113 | Use of Hard-coded Credentials vulnerability in Totolink N200Re-V5 Firmware 9.3.5U.6139 A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to access the telnet service via a crafted POST request. | 9.8 |
| 2023-02-01 | CVE-2023-23132 | Use of Hard-coded Credentials vulnerability in Selfwealth 3.3.1 Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure. | 7.5 |
| 2023-02-01 | CVE-2022-42973 | Use of Hard-coded Credentials vulnerability in Schneider-Electric products A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. | 7.8 |
| 2023-01-27 | CVE-2022-43978 | Use of Hard-coded Credentials vulnerability in Pandorafms Pandora FMS There is an improper authentication vulnerability in Pandora FMS v764. | 3.7 |
| 2023-01-27 | CVE-2022-48067 | Use of Hard-coded Credentials vulnerability in Totolink A830R Firmware 4.1.2Cu.5182 An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack. | 5.5 |
| 2023-01-26 | CVE-2023-24022 | Use of Hard-coded Credentials vulnerability in Baicells RTD Firmware and RTS Firmware Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. | 9.8 |