Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-29 | CVE-2020-35137 | Use of Hard-coded Credentials vulnerability in Mobileiron Mobile@Work The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to communicate with the MobileIron SaaS discovery API, as demonstrated by Mobile@Work (aka com.mobileiron). | 7.5 |
| 2021-03-25 | CVE-2021-27452 | Use of Hard-coded Credentials vulnerability in GE Mu320E Firmware The software contains a hard-coded password that could allow an attacker to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1). | 7.8 |
| 2021-03-25 | CVE-2021-27440 | Use of Hard-coded Credentials vulnerability in GE Reason Dr60 Firmware The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1). | 9.8 |
| 2021-03-25 | CVE-2021-27438 | Use of Hard-coded Credentials vulnerability in GE Reason Dr60 Firmware The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1). | 8.8 |
| 2021-03-21 | CVE-2020-13963 | Use of Hard-coded Credentials vulnerability in Soplanning 1.45/1.46.01 SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. | 9.8 |
| 2021-03-15 | CVE-2020-27278 | Use of Hard-coded Credentials vulnerability in Hamilton-Medical Hamilton-T1 Firmware 2.2.3 In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the ventilator allow attackers with physical access to obtain admin privileges for the device’s configuration interface. | 5.2 |
| 2021-03-09 | CVE-2020-28952 | Use of Hard-coded Credentials vulnerability in Homey Firmware and Homey PRO Firmware An issue was discovered on Athom Homey and Homey Pro devices before 5.0.0. | 7.5 |
| 2021-03-05 | CVE-2021-27254 | Use of Hard-coded Credentials vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. | 8.8 |
| 2021-03-03 | CVE-2021-21979 | Use of Hard-coded Credentials vulnerability in Bitnami Containers In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APP_KEY is fixed under certain conditions. | 7.3 |
| 2021-03-03 | CVE-2021-20442 | Use of Hard-coded Credentials vulnerability in IBM Security Verify Bridge IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.5 |