Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-04 | CVE-2020-12110 | Use of Hard-coded Credentials vulnerability in Tp-Link products Certain TP-Link devices have a Hardcoded Encryption Key. | 9.8 |
| 2020-05-04 | CVE-2020-12627 | Use of Hard-coded Credentials vulnerability in Janeczku Calibre-Web 0.6.6 Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key. | 9.8 |
| 2020-04-29 | CVE-2019-5622 | Use of Hard-coded Credentials vulnerability in Accellion File Transfer Appliance 80540 Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials. | 9.8 |
| 2020-04-23 | CVE-2018-21137 | Use of Hard-coded Credentials vulnerability in Netgear D3600 Firmware and D6000 Firmware Certain NETGEAR devices are affected by a hardcoded password. | 9.8 |
| 2020-04-22 | CVE-2019-6859 | Use of Hard-coded Credentials vulnerability in Schneider-Electric products A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions of the following CPUs and Communication Module product references listed in the Security Notifications), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network. | 7.5 |
| 2020-04-21 | CVE-2019-4327 | Use of Hard-coded Credentials vulnerability in Hcltech Appscan 9.0.3.14 "HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files." | 7.5 |
| 2020-04-20 | CVE-2020-9279 | Use of Hard-coded Credentials vulnerability in Dlink Dsl-2640B Firmware Eu4.01B An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. | 9.8 |
| 2020-04-20 | CVE-2019-19108 | Use of Hard-coded Credentials vulnerability in Br-Automation Automation Studio An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration of B&R products via SNMP. | 9.4 |
| 2020-04-17 | CVE-2020-11878 | Use of Hard-coded Credentials vulnerability in Jitsi Meet The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system accounts. | 9.8 |
| 2020-04-15 | CVE-2019-20656 | Use of Hard-coded Credentials vulnerability in Netgear products Certain NETGEAR devices are affected by a hardcoded password. | 8.8 |