Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2013-1603 | Use of Hard-coded Credentials vulnerability in Dlink products An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream. | 5.3 |
| 2020-01-27 | CVE-2020-8001 | Use of Hard-coded Credentials vulnerability in Intelliantech Aptus 1.0.2 The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account. | 9.8 |
| 2020-01-27 | CVE-2020-8000 | Use of Hard-coded Credentials vulnerability in Intelliantech Aptus web 1.24 Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account. | 9.8 |
| 2020-01-27 | CVE-2020-7999 | Use of Hard-coded Credentials vulnerability in Intelliantech Aptus 1.0.2 The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY. | 9.8 |
| 2020-01-24 | CVE-2020-6963 | Use of Hard-coded Credentials vulnerability in Gehealthcare products In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execute arbitrary code. | 10.0 |
| 2020-01-23 | CVE-2019-16153 | Use of Hard-coded Credentials vulnerability in Fortinet Fortisiem A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials. | 9.8 |
| 2020-01-15 | CVE-2019-9493 | Use of Hard-coded Credentials vulnerability in Mycarcontrols Mycar Controls The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. | 9.8 |
| 2020-01-14 | CVE-2019-10995 | Use of Hard-coded Credentials vulnerability in ABB products ABB CP651 HMI products revision BSP UN30 v1.76 and prior implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. | 8.8 |
| 2020-01-09 | CVE-2019-14919 | Use of Hard-coded Credentials vulnerability in Billion Sg600 R2 Firmware 3.02 An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device. | 7.8 |
| 2020-01-07 | CVE-2019-14837 | Use of Hard-coded Credentials vulnerability in Redhat Keycloak A flaw was found in keycloack before version 8.0.0. | 9.1 |