Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-23 | CVE-2021-39245 | Use of Hard-coded Credentials vulnerability in Altus products Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices. | 7.5 |
| 2021-08-18 | CVE-2021-32588 | Use of Hard-coded Credentials vulnerability in Fortinet Fortiportal A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password. | 9.8 |
| 2021-08-11 | CVE-2020-25560 | Use of Hard-coded Credentials vulnerability in Sapphireims 5.0 In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. | 9.8 |
| 2021-08-11 | CVE-2020-25561 | Use of Hard-coded Credentials vulnerability in Sapphireims 5.0 SapphireIMS 5 utilized default sapphire:ims credentials to connect the client to server. | 7.8 |
| 2021-08-11 | CVE-2020-25565 | Use of Hard-coded Credentials vulnerability in Sapphireims 5.0 In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. | 9.8 |
| 2021-08-09 | CVE-2013-6276 | Use of Hard-coded Credentials vulnerability in Qnap products QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. | 9.8 |
| 2021-08-03 | CVE-2021-27952 | Use of Hard-coded Credentials vulnerability in Ecobee Ecobee3 Lite Firmware 4.5.81.200 Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. | 9.8 |
| 2021-08-02 | CVE-2021-27503 | Use of Hard-coded Credentials vulnerability in Ypsomed Mylife and Mylife Cloud Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application encrypts on the application layer of the communication protocol between the Ypsomed mylife App and mylife Cloud credentials based on hard-coded secrets, which allows man-in-the-middle attackers to tamper with messages. | 4.8 |
| 2021-08-02 | CVE-2021-37163 | Use of Hard-coded Credentials vulnerability in Swisslog-Healthcare Hmi-3 Control Panel Firmware An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus operated by released versions of software before Nexus Software 7.2.5.7. | 9.8 |
| 2021-07-26 | CVE-2021-37555 | Use of Hard-coded Credentials vulnerability in Trixie TX9 Automatic Food Dispenser Firmware 3.2.57 TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. | 9.8 |