Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-29 | CVE-2020-15326 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. | 5.3 |
| 2022-09-29 | CVE-2020-15327 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. | 7.5 |
| 2022-09-28 | CVE-2022-22522 | Use of Hard-coded Credentials vulnerability in Gavazziautomation products In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device. | 9.8 |
| 2022-09-28 | CVE-2022-28812 | Use of Hard-coded Credentials vulnerability in Gavazziautomation products In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device. | 9.8 |
| 2022-09-26 | CVE-2022-36159 | Use of Hard-coded Credentials vulnerability in Contec products Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. | 8.8 |
| 2022-09-16 | CVE-2022-3214 | Use of Hard-coded Credentials vulnerability in Deltaww Diaenergie Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. | 9.8 |
| 2022-09-16 | CVE-2022-38823 | Use of Hard-coded Credentials vulnerability in Totolink T6 Firmware 4.1.5Cu.709B20210518 In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample. | 9.8 |
| 2022-09-13 | CVE-2022-31322 | Use of Hard-coded Credentials vulnerability in Pentasecurity Wapples 5.0.12.0/6.0.0/V6.0.R3.4.10 Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables. | 7.8 |
| 2022-09-13 | CVE-2022-35413 | Use of Hard-coded Credentials vulnerability in Pentasecurity Wapples WAPPLES through 6.0 has a hardcoded systemi account. | 9.8 |
| 2022-09-13 | CVE-2022-35582 | Use of Hard-coded Credentials vulnerability in Pentasecurity Wapples 4.0.0/5.0.0.0/5.0.12.0 Penta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Control. | 8.8 |