Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-17 | CVE-2019-13657 | Use of Hard-coded Credentials vulnerability in Broadcom CA Performance Management and Network Operations CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. | 8.8 |
| 2019-10-10 | CVE-2019-9533 | Use of Hard-coded Credentials vulnerability in Cobham Explorer 710 Firmware 1.07 The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. | 9.8 |
| 2019-10-09 | CVE-2019-15017 | Use of Hard-coded Credentials vulnerability in Zingbox Inspector The SSH service is enabled on the Zingbox Inspector versions 1.294 and earlier, exposing SSH to the local network. | 8.4 |
| 2019-10-09 | CVE-2019-15015 | Use of Hard-coded Credentials vulnerability in Zingbox Inspector In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system. | 8.4 |
| 2019-10-02 | CVE-2019-13658 | Use of Hard-coded Credentials vulnerability in Broadcom Network Flow Analysis CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. | 9.8 |
| 2019-09-30 | CVE-2019-13466 | Use of Hard-coded Credentials vulnerability in multiple products Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. | 7.5 |
| 2019-09-23 | CVE-2019-10990 | Use of Hard-coded Credentials vulnerability in Redlion Crimson Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files. | 6.5 |
| 2019-09-18 | CVE-2019-16399 | Use of Hard-coded Credentials vulnerability in Westerndigital WD MY Book Firmware Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. | 9.8 |
| 2019-09-16 | CVE-2019-13474 | Use of Hard-coded Credentials vulnerability in Telestar products TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient access control for the /set_dname, /mylogo, /LocalPlay, /irdevice.xml, /Sendkey, /setvol, /hotkeylist, /init, /playlogo.jpg, /stop, /exit, /back, and /playinfo commands. | 9.8 |
| 2019-09-14 | CVE-2019-16313 | Use of Hard-coded Credentials vulnerability in Ifw8 products ifw8 Router ROM v4.31 allows credential disclosure by reading the action/usermanager.htm HTML source code. | 7.5 |