Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-25 | CVE-2016-2358 | Use of Hard-coded Credentials vulnerability in Milesight IP Security Camera Firmware 20161114 Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. | 9.8 |
| 2019-10-25 | CVE-2016-2357 | Use of Hard-coded Credentials vulnerability in Milesight IP Security Camera Firmware 20161114 Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory. | 9.8 |
| 2019-10-17 | CVE-2019-13657 | Use of Hard-coded Credentials vulnerability in Broadcom CA Performance Management and Network Operations CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. | 8.8 |
| 2019-10-10 | CVE-2019-9533 | Use of Hard-coded Credentials vulnerability in Cobham Explorer 710 Firmware 1.07 The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. | 9.8 |
| 2019-10-09 | CVE-2019-15017 | Use of Hard-coded Credentials vulnerability in Zingbox Inspector The SSH service is enabled on the Zingbox Inspector versions 1.294 and earlier, exposing SSH to the local network. | 8.4 |
| 2019-10-09 | CVE-2019-15015 | Use of Hard-coded Credentials vulnerability in Zingbox Inspector In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system. | 8.4 |
| 2019-10-02 | CVE-2019-13658 | Use of Hard-coded Credentials vulnerability in Broadcom Network Flow Analysis CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. | 9.8 |
| 2019-09-30 | CVE-2019-13466 | Use of Hard-coded Credentials vulnerability in multiple products Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. | 7.5 |
| 2019-09-23 | CVE-2019-10990 | Use of Hard-coded Credentials vulnerability in Redlion Crimson Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files. | 6.5 |
| 2019-09-18 | CVE-2019-16399 | Use of Hard-coded Credentials vulnerability in Westerndigital WD MY Book Firmware Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. | 9.8 |