Vulnerabilities > Use of Hard-coded Credentials

DATE CVE VULNERABILITY TITLE RISK
2020-02-12 CVE-2013-6236 Use of Hard-coded Credentials vulnerability in Izoncam Izon IP Firmware 2.0.2
IZON IP 2.0.2: hard-coded password vulnerability
network
low complexity
izoncam CWE-798
critical
9.8
2020-02-10 CVE-2012-6611 Use of Hard-coded Credentials vulnerability in Polycom HDX System Software
An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3.
network
low complexity
polycom CWE-798
critical
9.8
2020-02-08 CVE-2012-4381 Use of Hard-coded Credentials vulnerability in Mediawiki
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors.
network
high complexity
mediawiki CWE-798
8.1
2020-02-06 CVE-2020-8657 Use of Hard-coded Credentials vulnerability in Eyesofnetwork 5.30
An issue was discovered in EyesOfNetwork 5.3.
network
low complexity
eyesofnetwork CWE-798
critical
9.8
2020-02-04 CVE-2019-4675 Use of Hard-coded Credentials vulnerability in IBM Security Identity Manager 7.0.1
IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
network
low complexity
ibm CWE-798
critical
9.8
2020-01-30 CVE-2020-5222 Use of Hard-coded Credentials vulnerability in Apereo Opencast
Opencast before 7.6 and 8.1 enables a remember-me cookie based on a hash created from the username, password, and an additional system key.
network
low complexity
apereo CWE-798
8.8
2020-01-30 CVE-2013-1352 Use of Hard-coded Credentials vulnerability in Veraxsystems Network Management System
Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a JAR archive.
network
low complexity
veraxsystems CWE-798
7.5
2020-01-29 CVE-2013-2572 Use of Hard-coded Credentials vulnerability in Tp-Link products
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
network
low complexity
tp-link CWE-798
7.5
2020-01-29 CVE-2013-2567 Use of Hard-coded Credentials vulnerability in Zavio F3105 Firmware and F312A Firmware
An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.
network
low complexity
zavio CWE-798
7.5
2020-01-28 CVE-2013-1603 Use of Hard-coded Credentials vulnerability in Dlink products
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream.
network
low complexity
dlink CWE-798
5.3