Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-16 | CVE-2022-25246 | Use of Hard-coded Credentials vulnerability in PTC Axeda Agent and Axeda Desktop Server Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. | 8.8 |
| 2022-03-16 | CVE-2022-26660 | Use of Hard-coded Credentials vulnerability in Robotronic Runasspc 4.0.0.0 RunAsSpc 4.0 uses a universal and recoverable encryption key. | 7.5 |
| 2022-03-11 | CVE-2021-41848 | Use of Hard-coded Credentials vulnerability in multiple products An issue was discovered in Luna Simo PPR1.180610.011/202001031830. | 7.8 |
| 2022-03-11 | CVE-2022-21194 | Use of Hard-coded Credentials vulnerability in Yokogawa products The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00. | 9.8 |
| 2022-03-11 | CVE-2022-23402 | Use of Hard-coded Credentials vulnerability in Yokogawa products The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00 | 9.8 |
| 2022-03-11 | CVE-2022-25510 | Use of Hard-coded Credentials vulnerability in Freetakserver-Ui Project Freetakserver-Ui 1.9.8 FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges. | 8.8 |
| 2022-03-10 | CVE-2022-25213 | Use of Hard-coded Credentials vulnerability in Phicomm products Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. | 6.8 |
| 2022-03-10 | CVE-2022-25217 | Use of Hard-coded Credentials vulnerability in Phicomm K2 Firmware and K3C Firmware Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. | 7.8 |
| 2022-03-02 | CVE-2022-25045 | Use of Hard-coded Credentials vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 Home Owners Collection Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel. | 9.8 |
| 2022-03-01 | CVE-2022-24255 | Use of Hard-coded Credentials vulnerability in Extensis Portfolio 4.0 Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges. | 8.8 |