Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-26 | CVE-2022-23942 | Use of Hard-coded Credentials vulnerability in Apache Doris Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure. | 7.5 |
| 2022-04-25 | CVE-2021-45841 | Use of Hard-coded Credentials vulnerability in Terra-Master TOS 4.2.152107141517 In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash. | 8.1 |
| 2022-04-22 | CVE-2022-26672 | Use of Hard-coded Credentials vulnerability in Asus Webstorage 3.10.1 ASUS WebStorage has a hardcoded API Token in the APP source code. | 9.8 |
| 2022-04-21 | CVE-2022-20773 | Use of Hard-coded Credentials vulnerability in Cisco Umbrella A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. | 8.1 |
| 2022-04-20 | CVE-2022-24860 | Use of Hard-coded Credentials vulnerability in Databasir Project Databasir 1.0.1 Databasir is a team-oriented relational database model document management platform. | 9.8 |
| 2022-04-18 | CVE-2022-28810 | Use of Hard-coded Credentials vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus before build 6122 allows a remote authenticated administrator to execute arbitrary operating OS commands as SYSTEM via the policy custom script feature. | 6.8 |
| 2022-04-14 | CVE-2020-25168 | Use of Hard-coded Credentials vulnerability in Bbraun Datamodule Compactplus and Spacecom Hard-coded credentials in the B. | 3.3 |
| 2022-04-14 | CVE-2021-40390 | Use of Hard-coded Credentials vulnerability in Moxa Mxview 3.2.4 An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. | 9.8 |
| 2022-04-14 | CVE-2021-40422 | Use of Hard-coded Credentials vulnerability in Swiftsensors Sg3-1010 Firmware An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. | 10.0 |
| 2022-04-13 | CVE-2022-27506 | Use of Hard-coded Credentials vulnerability in Citrix products Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI | 2.7 |