Vulnerabilities > Use of Hard-coded Credentials
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-29 | CVE-2022-29856 | Use of Hard-coded Credentials vulnerability in Automationanywhere Automation 360 22 A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages. | 7.5 |
2022-04-27 | CVE-2021-34601 | Use of Hard-coded Credentials vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. | 9.8 |
2022-04-26 | CVE-2022-23942 | Use of Hard-coded Credentials vulnerability in Apache Doris Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure. | 7.5 |
2022-04-25 | CVE-2021-45841 | Use of Hard-coded Credentials vulnerability in Terra-Master TOS 4.2.152107141517 In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash. | 8.1 |
2022-04-22 | CVE-2022-26672 | Use of Hard-coded Credentials vulnerability in Asus Webstorage 3.10.1 ASUS WebStorage has a hardcoded API Token in the APP source code. | 9.8 |
2022-04-21 | CVE-2022-20773 | Use of Hard-coded Credentials vulnerability in Cisco Umbrella A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. | 8.1 |
2022-04-20 | CVE-2022-24860 | Use of Hard-coded Credentials vulnerability in Databasir Project Databasir 1.0.1 Databasir is a team-oriented relational database model document management platform. | 9.8 |
2022-04-18 | CVE-2022-28810 | Use of Hard-coded Credentials vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus before build 6122 allows a remote authenticated administrator to execute arbitrary operating OS commands as SYSTEM via the policy custom script feature. | 6.8 |
2022-04-14 | CVE-2021-40390 | Use of Hard-coded Credentials vulnerability in Moxa Mxview 3.2.4 An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. | 9.8 |
2022-04-13 | CVE-2022-27506 | Use of Hard-coded Credentials vulnerability in Citrix products Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI | 2.7 |