Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-24 | CVE-2021-4228 | Use of Hard-coded Credentials vulnerability in Lannerinc Iac-Ast2500 Firmware 1.00.0 Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. | 7.4 |
| 2022-10-24 | CVE-2022-38117 | Use of Hard-coded Credentials vulnerability in Juiker 4.6.0311.1 Juiker app hard-coded its AES key in the source code. | 6.1 |
| 2022-10-20 | CVE-2022-42176 | Use of Hard-coded Credentials vulnerability in Pctechsoft Pcsecure 5.0.8.Xw In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access. | 7.8 |
| 2022-10-18 | CVE-2022-41540 | Use of Hard-coded Credentials vulnerability in Tp-Link Ax10 Firmware V1211117 The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router. | 5.9 |
| 2022-10-17 | CVE-2022-42980 | Use of Hard-coded Credentials vulnerability in Go-Admin 2.0.12 go-admin (aka GO Admin) 2.0.12 uses the string go-admin as a production JWT key. | 9.8 |
| 2022-10-10 | CVE-2022-34425 | Use of Hard-coded Credentials vulnerability in Dell Enterprise Sonic Distribution 4.0.0/4.0.1 Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. | 7.5 |
| 2022-09-30 | CVE-2022-20844 | Use of Hard-coded Credentials vulnerability in Cisco Sd-Wan A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. | 5.3 |
| 2022-09-29 | CVE-2020-15326 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. | 5.3 |
| 2022-09-29 | CVE-2020-15327 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. | 7.5 |
| 2022-09-26 | CVE-2022-36159 | Use of Hard-coded Credentials vulnerability in Contec products Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. | 8.8 |