Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-24 | CVE-2024-23453 | Use of Hard-coded Credentials vulnerability in Spooncast Spoon 7.11.1/8.6.0 Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. | 5.5 |
| 2024-01-23 | CVE-2024-22768 | Use of Hard-coded Credentials vulnerability in Hitron Systems DVR Hvr-4781 Firmware Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW. | 7.5 |
| 2024-01-23 | CVE-2024-22769 | Use of Hard-coded Credentials vulnerability in Hitron Systems DVR Hvr-4781 Firmware Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW. | 7.5 |
| 2024-01-23 | CVE-2024-22770 | Use of Hard-coded Credentials vulnerability in Hitron Systems DVR Hvr-4781 Firmware Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW. | 7.5 |
| 2024-01-23 | CVE-2024-22771 | Use of Hard-coded Credentials vulnerability in Hitron Systems DVR Hvr-4781 Firmware Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW. | 7.5 |
| 2024-01-23 | CVE-2024-22772 | Use of Hard-coded Credentials vulnerability in Hitron Systems DVR Hvr-4781 Firmware Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW. | 7.5 |
| 2024-01-23 | CVE-2024-23842 | Use of Hard-coded Credentials vulnerability in Hitron Systems DVR Hvr-4781 Firmware Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW. | 7.5 |
| 2024-01-21 | CVE-2024-23726 | Use of Hard-coded Credentials vulnerability in Ubeeinteractive Ddw365 Firmware Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. | 8.8 |
| 2024-01-19 | CVE-2024-23687 | Use of Hard-coded Credentials vulnerability in Openlibraryfoundation Mod-Data-Export-Spring Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines. | 9.1 |
| 2024-01-19 | CVE-2024-23685 | Use of Hard-coded Credentials vulnerability in Openlibraryfoundation Mod-Remote-Storage Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types. | 5.3 |