Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-03 | CVE-2018-8870 | Use of Hard-coded Credentials vulnerability in Medtronic products Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions contains a hard-coded operating system password. | 6.8 |
| 2018-06-28 | CVE-2018-12924 | Use of Hard-coded Credentials vulnerability in Eztcp products Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of sollae for the TELNET service. | 9.8 |
| 2018-06-26 | CVE-2018-4846 | Use of Hard-coded Credentials vulnerability in Siemens products A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). | 9.8 |
| 2018-06-21 | CVE-2018-12526 | Use of Hard-coded Credentials vulnerability in Telesquare Sdt-Cs3B1 Firmware and Sdt-Cw3B1 Firmware Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. | 9.8 |
| 2018-06-20 | CVE-2018-6213 | Use of Hard-coded Credentials vulnerability in D-Link Dir-620 Firmware In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account. | 9.8 |
| 2018-06-19 | CVE-2018-6210 | Use of Hard-coded Credentials vulnerability in Dlink Dir-620 Firmware 1.0.37 D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session. | 9.8 |
| 2018-06-13 | CVE-2018-12323 | Use of Hard-coded Credentials vulnerability in Apollotechnologiesinc Momentum Axel 720P and Momentum Axel 720P Firmware An issue was discovered on Momentum Axel 720P 5.1.8 devices. | 6.8 |
| 2018-06-07 | CVE-2018-0329 | Use of Hard-coded Credentials vulnerability in Cisco Wide Area Application Services 6.2(3)/6.4(1) A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to read data from an affected device via SNMP. | 5.3 |
| 2018-06-05 | CVE-2018-10966 | Use of Hard-coded Credentials vulnerability in Gamerpolls 0.4.6 An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config/initializers/02_passport.js. | 7.3 |
| 2018-06-05 | CVE-2018-10813 | Use of Hard-coded Credentials vulnerability in Aprendecondedos Dedos-Web 1.0 In Dedos-web 1.0, the cookie and session secrets used in the Express.js application have hardcoded values that are visible in the source code published on GitHub. | 7.3 |