Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-23 | CVE-2024-24681 | Use of Hard-coded Credentials vulnerability in Yealink Configuration Encryption Tool An issue was discovered in Yealink Configuration Encrypt Tool (AES version) and Yealink Configuration Encrypt Tool (RSA version before 1.2). | 9.8 |
| 2024-02-15 | CVE-2024-0390 | Use of Hard-coded Credentials vulnerability in Inprax Izzi Connect INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. | 9.8 |
| 2024-02-15 | CVE-2023-4539 | Use of Hard-coded Credentials vulnerability in Comarch ERP XL Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve embedded sensitive data stored in the database. | 7.5 |
| 2024-02-07 | CVE-2023-38995 | Use of Hard-coded Credentials vulnerability in Schuhfried 8.22.00 An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via crafted curl command. | 9.8 |
| 2024-02-06 | CVE-2024-22853 | Use of Hard-coded Credentials vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03 D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. | 9.8 |
| 2024-02-02 | CVE-2024-21764 | Use of Hard-coded Credentials vulnerability in Rapidscada Rapid Scada In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific port. | 9.8 |
| 2024-02-01 | CVE-2023-46706 | Use of Hard-coded Credentials vulnerability in Machinesense Feverwarn Firmware Multiple MachineSense devices have credentials unable to be changed by the user or administrator. | 9.8 |
| 2024-01-30 | CVE-2024-24324 | Use of Hard-coded Credentials vulnerability in Totolink A8000Ru Firmware 7.1Cu.643B20200521 TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root stored in /etc/shadow. | 9.8 |
| 2024-01-29 | CVE-2023-51840 | Use of Hard-coded Credentials vulnerability in Html-Js Doracms 2.1.8 DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key. | 9.8 |
| 2024-01-27 | CVE-2023-6482 | Use of Hard-coded Credentials vulnerability in Synaptics Fingerprint Driver 6.0.00.1111 Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a fingerprint into the template database. | 5.2 |