Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-25 | CVE-2022-29889 | Use of Hard-coded Credentials vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9Z A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. | 9.8 |
| 2022-10-24 | CVE-2021-4228 | Use of Hard-coded Credentials vulnerability in Lannerinc Iac-Ast2500 Firmware 1.00.0 Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. | 7.4 |
| 2022-10-24 | CVE-2022-38117 | Use of Hard-coded Credentials vulnerability in Juiker 4.6.0311.1 Juiker app hard-coded its AES key in the source code. | 6.1 |
| 2022-10-20 | CVE-2022-42176 | Use of Hard-coded Credentials vulnerability in Pctechsoft Pcsecure 5.0.8.Xw In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access. | 7.8 |
| 2022-10-18 | CVE-2022-41540 | Use of Hard-coded Credentials vulnerability in Tp-Link Ax10 Firmware V1211117 The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router. | 5.9 |
| 2022-10-17 | CVE-2022-42980 | Use of Hard-coded Credentials vulnerability in Go-Admin 2.0.12 go-admin (aka GO Admin) 2.0.12 uses the string go-admin as a production JWT key. | 9.8 |
| 2022-10-14 | CVE-2022-38420 | Use of Hard-coded Credentials vulnerability in Adobe Coldfusion 2018/2021 Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. | 7.5 |
| 2022-10-10 | CVE-2022-34425 | Use of Hard-coded Credentials vulnerability in Dell Enterprise Sonic Distribution 4.0.0/4.0.1 Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. | 7.5 |
| 2022-10-06 | CVE-2022-39273 | Use of Hard-coded Credentials vulnerability in Flyte Flyteadmin FlyteAdmin is the control plane for the data processing platform Flyte. | 7.5 |
| 2022-09-30 | CVE-2022-20844 | Use of Hard-coded Credentials vulnerability in Cisco Sd-Wan A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. | 5.3 |