Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-38069 | Use of Hard-coded Credentials vulnerability in Contechealth Cms8000 Firmware Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow a threat actor with momentary physical access to gain privileged access to any device. | 6.1 |
| 2022-09-08 | CVE-2022-38394 | Use of Hard-coded Credentials vulnerability in Allied-Telesis Centrecom Ar260S Firmware Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command. | 9.8 |
| 2022-09-06 | CVE-2022-37841 | Use of Hard-coded Credentials vulnerability in Totolink A860R Firmware 4.1.2Cu.5182B20201027 In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow.sample. | 7.5 |
| 2022-09-06 | CVE-2022-40111 | Use of Hard-coded Credentials vulnerability in Totolink A3002R Firmware 1.1.1B20200824.0128 In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware. | 9.8 |
| 2022-09-01 | CVE-2022-36672 | Use of Hard-coded Credentials vulnerability in Xxyopen Novel-Plus 3.6.2 Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. | 9.8 |
| 2022-08-31 | CVE-2022-30318 | Use of Hard-coded Credentials vulnerability in Honeywell Controledge PLC Firmware and Controledge RTU Firmware Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. | 9.8 |
| 2022-08-30 | CVE-2022-38116 | Use of Hard-coded Credentials vulnerability in Leyan Salary Management System Le-yan Personnel and Salary Management System has hard-coded database account and password within the website source code. | 9.8 |
| 2022-08-29 | CVE-2022-36558 | Use of Hard-coded Credentials vulnerability in Seiko-Sol products Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. | 9.8 |
| 2022-08-29 | CVE-2022-36560 | Use of Hard-coded Credentials vulnerability in Seiko-Sol Skybridge Mb-A200 Firmware 01.00.04 Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded passcodes for root. | 9.8 |
| 2022-08-29 | CVE-2022-36610 | Use of Hard-coded Credentials vulnerability in Totolink A720R Firmware 4.1.5Cu.532B20210610 TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | 7.8 |