Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-21913 | Use of Hard-coded Credentials vulnerability in Dlink Dir-3040 Firmware 1.13B03 An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. | 9.8 |
| 2021-09-16 | CVE-2021-34571 | Use of Hard-coded Credentials vulnerability in Enbra EWM 1.7.29 Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an option to change the encryption key. | 6.5 |
| 2021-09-07 | CVE-2021-33484 | Use of Hard-coded Credentials vulnerability in Onyaktech Comments PRO Project Onyaktech Comments PRO 3.8 An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. | 7.5 |
| 2021-09-03 | CVE-2021-40494 | Use of Hard-coded Credentials vulnerability in Adaptivescale Lxdui A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI through 2.1.3 allows attackers to gain admin access to the host system. | 9.8 |
| 2021-08-31 | CVE-2021-36234 | Use of Hard-coded Credentials vulnerability in Unit4 Mik.Starlight 7.9.5.24363 Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors. | 5.5 |
| 2021-08-31 | CVE-2021-34565 | Use of Hard-coded Credentials vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials. | 9.8 |
| 2021-08-30 | CVE-2021-29728 | Use of Hard-coded Credentials vulnerability in IBM products IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 4.9 |
| 2021-08-23 | CVE-2021-39613 | Use of Hard-coded Credentials vulnerability in Dlink Dvg-3104Ms Firmware 1.0.2.0.3/1.0.2.0.4/1.0.2.0.4E D-Link DVG-3104MS version 1.0.2.0.3, 1.0.2.0.4, and 1.0.2.0.4E contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. | 9.8 |
| 2021-08-23 | CVE-2021-39614 | Use of Hard-coded Credentials vulnerability in Dlink Dvx-2000Ms Firmware D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. | 9.8 |
| 2021-08-23 | CVE-2021-39615 | Use of Hard-coded Credentials vulnerability in Dlink Dsr-500N Firmware 1.02 D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying embedded Linux operating system on the device. | 9.8 |