Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-15 | CVE-2019-0020 | Use of Hard-coded Credentials vulnerability in Juniper Advanced Threat Prevention Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. | 9.8 |
| 2019-01-09 | CVE-2018-16201 | Use of Hard-coded Credentials vulnerability in Toshiba Hem-Gw16A Firmware and Hem-Gw26A Firmware Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands. | 8.8 |
| 2019-01-09 | CVE-2018-16186 | Use of Hard-coded Credentials vulnerability in Ricoh products RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) uses hard-coded credentials, which may allow an attacker on the same network segments to login to the administrators settings screen and change the configuration. | 8.8 |
| 2018-12-28 | CVE-2018-1000625 | Use of Hard-coded Credentials vulnerability in Battelle V2I HUB 2.5.1 Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. | 9.8 |
| 2018-12-24 | CVE-2018-7800 | Use of Hard-coded Credentials vulnerability in Schneider-Electric Evlink Parking Firmware 3.1.133/3.2.012 A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could enable an attacker to gain access to the device. | 9.8 |
| 2018-12-21 | CVE-2018-18009 | Use of Hard-coded Credentials vulnerability in Dlink Dir-140L Firmware and Dir-640L Firmware dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials. | 9.8 |
| 2018-12-21 | CVE-2018-18008 | Use of Hard-coded Credentials vulnerability in Dlink products spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials. | 9.8 |
| 2018-12-21 | CVE-2018-18007 | Use of Hard-coded Credentials vulnerability in Dlink Dsl-2770L Firmware Me1.01/Me1.02/Me1.06 atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials. | 9.8 |
| 2018-12-20 | CVE-2018-15720 | Use of Hard-coded Credentials vulnerability in Logitech Harmony HUB Firmware Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API. | 9.8 |
| 2018-12-20 | CVE-2018-19233 | Use of Hard-coded Credentials vulnerability in Comparex Miss Marple COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file. | 7.8 |