Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-29 | CVE-2021-31505 | Use of Hard-coded Credentials vulnerability in Arlo Q Plus Firmware 1.9.0.3278 This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3_278. | 6.8 |
| 2021-06-25 | CVE-2021-33529 | Use of Hard-coded Credentials vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device. | 7.5 |
| 2021-06-25 | CVE-2021-33531 | Use of Hard-coded Credentials vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. | 8.8 |
| 2021-06-25 | CVE-2021-33540 | Use of Hard-coded Credentials vulnerability in Phoenixcontact products In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists. | 7.3 |
| 2021-06-18 | CVE-2021-34812 | Use of Hard-coded Credentials vulnerability in Synology Calendar Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |
| 2021-06-16 | CVE-2021-31477 | Use of Hard-coded Credentials vulnerability in GE Reason Rpv311 Firmware 14A03 This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. | 7.3 |
| 2021-06-16 | CVE-2020-25752 | Use of Hard-coded Credentials vulnerability in Enphase Envoy Firmware D4.0/R3.0 An issue was discovered on Enphase Envoy R3.x and D4.x devices. | 5.3 |
| 2021-06-16 | CVE-2021-27481 | Use of Hard-coded Credentials vulnerability in Zoll Defibrillator Dashboard ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products utilize an encryption key in the data exchange process, which is hardcoded. | 5.5 |
| 2021-06-09 | CVE-2020-15382 | Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time. | 7.2 |
| 2021-06-04 | CVE-2021-3565 | Use of Hard-coded Credentials vulnerability in multiple products A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. | 5.9 |