Vulnerabilities > Use of Hard-coded Credentials
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-18 | CVE-2022-41540 | Use of Hard-coded Credentials vulnerability in Tp-Link Ax10 Firmware V1211117 The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router. | 5.9 |
2022-10-17 | CVE-2022-42980 | Use of Hard-coded Credentials vulnerability in Go-Admin 2.0.12 go-admin (aka GO Admin) 2.0.12 uses the string go-admin as a production JWT key. | 9.8 |
2022-10-10 | CVE-2022-34425 | Use of Hard-coded Credentials vulnerability in Dell Enterprise Sonic Distribution 4.0.0/4.0.1 Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. | 7.5 |
2022-09-30 | CVE-2022-20844 | Use of Hard-coded Credentials vulnerability in Cisco Sd-Wan A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. | 5.3 |
2022-09-29 | CVE-2020-15326 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. | 5.3 |
2022-09-29 | CVE-2020-15327 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. | 7.5 |
2022-09-26 | CVE-2022-36159 | Use of Hard-coded Credentials vulnerability in Contec products Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. | 8.8 |
2022-09-16 | CVE-2022-38823 | Use of Hard-coded Credentials vulnerability in Totolink T6 Firmware 4.1.5Cu.709B20210518 In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample. | 9.8 |
2022-09-13 | CVE-2022-31322 | Use of Hard-coded Credentials vulnerability in Pentasecurity Wapples 5.0.12.0/6.0.0/V6.0.R3.4.10 Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables. | 7.8 |
2022-09-13 | CVE-2022-35413 | Use of Hard-coded Credentials vulnerability in Pentasecurity Wapples WAPPLES through 6.0 has a hardcoded systemi account. | 9.8 |