Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-04 | CVE-2020-27689 | Use of Hard-coded Credentials vulnerability in Imomobile Verve Connect Vh510 Firmware The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. | 5.0 |
| 2020-10-29 | CVE-2020-11615 | Use of Hard-coded Credentials vulnerability in Intel BMC Firmware NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure. | 5.0 |
| 2020-10-29 | CVE-2020-11487 | Use of Hard-coded Credentials vulnerability in Intel BMC Firmware NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. | 5.0 |
| 2020-10-29 | CVE-2020-11483 | Use of Hard-coded Credentials vulnerability in Intel BMC Firmware NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure. | 7.5 |
| 2020-10-28 | CVE-2020-16258 | Use of Hard-coded Credentials vulnerability in Winstonprivacy Winston Firmware 1.5.4 Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default credentials. | 5.6 |
| 2020-10-27 | CVE-2020-11854 | Use of Hard-coded Credentials vulnerability in Microfocus products Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. | 9.8 |
| 2020-10-26 | CVE-2020-26879 | Use of Hard-coded Credentials vulnerability in Commscope Ruckus Vriot Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. | 10.0 |
| 2020-10-15 | CVE-2020-12501 | Use of Hard-coded Credentials vulnerability in multiple products Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts. | 9.8 |
| 2020-10-06 | CVE-2020-24218 | Use of Hard-coded Credentials vulnerability in Szuray products An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. | 5.0 |
| 2020-10-06 | CVE-2020-24215 | Use of Hard-coded Credentials vulnerability in multiple products An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. | 5.0 |