Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-21 | CVE-2024-28987 | Use of Hard-coded Credentials vulnerability in Solarwinds web Help Desk The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. | 9.1 |
| 2024-08-20 | CVE-2024-8005 | Use of Hard-coded Credentials vulnerability in Demozx GF CMS A vulnerability was found in demozx gf_cms 1.0/1.0.1. | 9.8 |
| 2024-08-16 | CVE-2024-42638 | Use of Hard-coded Credentials vulnerability in H3C Magic B1St Firmware 100R012 H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. | 9.8 |
| 2024-08-15 | CVE-2024-31798 | Use of Hard-coded Credentials vulnerability in Gncchome Gncc C2 Firmware Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices | 6.8 |
| 2024-08-08 | CVE-2024-41161 | Use of Hard-coded Credentials vulnerability in Vonets products Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. | 9.8 |
| 2024-08-07 | CVE-2024-6890 | Use of Hard-coded Credentials vulnerability in Journyx 11.5.4 Password reset tokens are generated using an insecure source of randomness. | 8.8 |
| 2024-08-06 | CVE-2024-41616 | Use of Hard-coded Credentials vulnerability in Dlink Dir-300 Firmware 1.06B05Ww D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. | 9.8 |
| 2024-08-05 | CVE-2024-39838 | Use of Hard-coded Credentials vulnerability in Zexelon Zwx-2000Csw2-Hn Firmware ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may allow a network-adjacent attacker with an administrative privilege to alter the configuration of the device. | 8.8 |
| 2024-08-02 | CVE-2024-33895 | Use of Hard-coded Credentials vulnerability in Hms-Networks Ewon Cosy+ Firmware Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. | 6.6 |
| 2024-08-01 | CVE-2024-7332 | Use of Hard-coded Credentials vulnerability in Totolink Cp450 Firmware 4.1.0Cu.747B20191224 A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. | 9.8 |