Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-30 | CVE-2019-3939 | Use of Hard-coded Credentials vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. | 9.8 |
| 2019-04-30 | CVE-2019-3938 | Use of Hard-coded Credentials vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration options in the file generated via the "export configuration" feature. | 7.8 |
| 2019-04-30 | CVE-2019-3932 | Use of Hard-coded Credentials vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. | 9.8 |
| 2019-04-24 | CVE-2018-18251 | Use of Hard-coded Credentials vulnerability in Deltek Vision 7.0/7.1 Deltek Vision 7.x before 7.6 permits the execution of any attacker supplied SQL statement through a custom RPC over HTTP protocol. | 9.8 |
| 2019-04-24 | CVE-2019-7212 | Use of Hard-coded Credentials vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys. | 8.2 |
| 2019-04-23 | CVE-2019-10688 | Use of Hard-coded Credentials vulnerability in Polycom products VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector (BToE) application 3.9.1, use hard-coded credentials to establish connections between the host application and the device. | 6.8 |
| 2019-04-18 | CVE-2019-9160 | Use of Hard-coded Credentials vulnerability in Xinruidz Sundray WAN Controller Firmware 3.7.4.2 WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static string). | 9.8 |
| 2019-04-11 | CVE-2019-9975 | Use of Hard-coded Credentials vulnerability in Dasannetworks H660Rm Firmware 1.030022 DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. | 7.5 |
| 2019-04-05 | CVE-2019-10479 | Use of Hard-coded Credentials vulnerability in Glory-Global Rbw-100 Firmware Ispk05027.0.0 An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. | 9.8 |
| 2019-03-28 | CVE-2019-3710 | Use of Hard-coded Credentials vulnerability in Dell EMC Networking Os10 Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due to an underlying application using undocumented, pre-installed X.509v3 key/certificate pairs. | 8.1 |