Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-11 | CVE-2022-25510 | Use of Hard-coded Credentials vulnerability in Freetakserver-Ui Project Freetakserver-Ui 1.9.8 FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges. | 8.8 |
| 2022-03-10 | CVE-2022-25213 | Use of Hard-coded Credentials vulnerability in Phicomm products Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. | 6.8 |
| 2022-03-10 | CVE-2022-25217 | Use of Hard-coded Credentials vulnerability in Phicomm K2 Firmware and K3C Firmware Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. | 7.8 |
| 2022-03-02 | CVE-2022-25045 | Use of Hard-coded Credentials vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 Home Owners Collection Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel. | 9.8 |
| 2022-03-01 | CVE-2022-24255 | Use of Hard-coded Credentials vulnerability in Extensis Portfolio 4.0 Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges. | 8.8 |
| 2022-02-24 | CVE-2022-25329 | Use of Hard-coded Credentials vulnerability in Trendmicro products Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. | 9.8 |
| 2022-02-21 | CVE-2021-27797 | Use of Hard-coded Credentials vulnerability in Broadcom Fabric Operating System Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x contain documented hard-coded credentials, which could allow attackers to gain access to the system. | 9.8 |
| 2022-02-18 | CVE-2022-23650 | Use of Hard-coded Credentials vulnerability in Gravitl Netmaker Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. | 8.8 |
| 2022-02-17 | CVE-2021-46247 | Use of Hard-coded Credentials vulnerability in Asus Cmax6000 Firmware 1.02.00 The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00. | 7.5 |
| 2022-02-12 | CVE-2022-22765 | Use of Hard-coded Credentials vulnerability in BD Viper LT System Firmware 2.0/4.0 BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. | 7.8 |