Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-9594 | Use of Hard-coded Credentials vulnerability in Kubernetes Image Builder A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. | 8.1 |
| 2024-09-30 | CVE-2024-8448 | Use of Hard-coded Credentials vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell. | 8.8 |
| 2024-09-30 | CVE-2024-8449 | Use of Hard-coded Credentials vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password. | 6.8 |
| 2024-09-30 | CVE-2024-8450 | Use of Hard-coded Credentials vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges. | 9.8 |
| 2024-09-28 | CVE-2024-23958 | Use of Hard-coded Credentials vulnerability in Autel Maxicharger AC Elite Business C50 Firmware 1.32.00 Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. | 8.8 |
| 2024-09-25 | CVE-2024-43423 | Use of Hard-coded Credentials vulnerability in Doverfuelingsolutions products The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed. | 9.8 |
| 2024-09-19 | CVE-2023-27584 | Use of Hard-coded Credentials vulnerability in Linuxfoundation Dragonfly Dragonfly is an open source P2P-based file distribution and image acceleration system. | 9.8 |
| 2024-09-19 | CVE-2024-45861 | Use of Hard-coded Credentials vulnerability in Kastle Access Control System Firmware Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information. | 7.5 |
| 2024-09-16 | CVE-2024-45698 | Use of Hard-coded Credentials vulnerability in Dlink Dir-X4860 Firmware 1.00/1.04 Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device. | 9.8 |
| 2024-09-13 | CVE-2024-6656 | Use of Hard-coded Credentials vulnerability in Tnbmobil Cockpit Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable.This issue affects Cockpit Software: before v2.13. | 9.8 |