Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2013-6277 | Use of Hard-coded Credentials vulnerability in Qnap Viocard 300 Firmware Rsb3722/Rsb4631 QNAP VioCard 300 has hardcoded RSA private keys. | 7.5 |
| 2020-02-13 | CVE-2020-8964 | Use of Hard-coded Credentials vulnerability in Timetoolsltd products TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to bypass authentication by placing t3axs=TiMEtOOlsj7G3xMm52wB in a t3.cgi request, aka a "hardcoded cookie." | 9.8 |
| 2020-02-12 | CVE-2013-6236 | Use of Hard-coded Credentials vulnerability in Izoncam Izon IP Firmware 2.0.2 IZON IP 2.0.2: hard-coded password vulnerability | 9.8 |
| 2020-02-10 | CVE-2012-6611 | Use of Hard-coded Credentials vulnerability in Polycom HDX System Software An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. | 9.8 |
| 2020-02-08 | CVE-2012-4381 | Use of Hard-coded Credentials vulnerability in Mediawiki MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors. | 8.1 |
| 2020-02-06 | CVE-2020-8657 | Use of Hard-coded Credentials vulnerability in Eyesofnetwork 5.30 An issue was discovered in EyesOfNetwork 5.3. | 9.8 |
| 2020-02-04 | CVE-2019-4675 | Use of Hard-coded Credentials vulnerability in IBM Security Identity Manager 7.0.1 IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2020-01-30 | CVE-2020-5222 | Use of Hard-coded Credentials vulnerability in Apereo Opencast Opencast before 7.6 and 8.1 enables a remember-me cookie based on a hash created from the username, password, and an additional system key. | 8.8 |
| 2020-01-30 | CVE-2013-1352 | Use of Hard-coded Credentials vulnerability in Veraxsystems Network Management System Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a JAR archive. | 7.5 |
| 2020-01-29 | CVE-2013-2572 | Use of Hard-coded Credentials vulnerability in Tp-Link products A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files. | 7.5 |