Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-12 | CVE-2022-22560 | Use of Hard-coded Credentials vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. | 5.5 |
| 2022-04-07 | CVE-2022-26671 | Use of Hard-coded Credentials vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. | 7.3 |
| 2022-04-06 | CVE-2022-23440 | Use of Hard-coded Credentials vulnerability in Fortinet Fortiedr A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment. | 7.8 |
| 2022-04-06 | CVE-2022-23441 | Use of Hard-coded Credentials vulnerability in Fortinet Fortiedr A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors. | 9.1 |
| 2022-04-04 | CVE-2022-1162 | Use of Hard-coded Credentials vulnerability in Gitlab A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. | 9.8 |
| 2022-04-04 | CVE-2022-25569 | Use of Hard-coded Credentials vulnerability in Bettinivideo Sgsetup 4.3.0 Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software. | 9.8 |
| 2022-04-03 | CVE-2021-30064 | Use of Hard-coded Credentials vulnerability in multiple products On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state). | 9.8 |
| 2022-03-30 | CVE-2021-46008 | Use of Hard-coded Credentials vulnerability in Totolink A3100R Firmware 5.9C.4577 In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. | 8.8 |
| 2022-03-30 | CVE-2022-24693 | Use of Hard-coded Credentials vulnerability in Baicells Neutrino 430 Firmware and Nova436Q Firmware Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. | 9.8 |
| 2022-03-29 | CVE-2022-25521 | Use of Hard-coded Credentials vulnerability in Nuuo Network Video Recorder Firmware NUUO v03.11.00 was discovered to contain access control issue. | 9.8 |