Vulnerabilities > Use of Hard-coded Credentials

DATE CVE VULNERABILITY TITLE RISK
2018-05-17 CVE-2018-0222 Use of Hard-coded Credentials vulnerability in Cisco Digital Network Architecture Center
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials.
network
low complexity
cisco CWE-798
critical
10.0
2018-05-15 CVE-2018-11094 Use of Hard-coded Credentials vulnerability in Intelbras Ncloud 300 Firmware 1.0
An issue was discovered on Intelbras NCLOUD 300 1.0 devices.
network
low complexity
intelbras CWE-798
critical
9.8
2018-05-10 CVE-2018-9112 Use of Hard-coded Credentials vulnerability in Foxconn Ap-Fc4064-T Firmware Apgtb385.8.3Lb15W47Lte
A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15.
network
low complexity
foxconn CWE-798
critical
9.8
2018-05-09 CVE-2016-9335 Use of Hard-coded Credentials vulnerability in Redlion products
A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride-Managed Ethernet Switches running firmware Version 5.0.190.
network
low complexity
redlion CWE-798
critical
10.0
2018-05-08 CVE-2017-17540 Use of Hard-coded Credentials vulnerability in Fortinet Fortiwlc
The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell.
network
low complexity
fortinet CWE-798
critical
9.8
2018-05-08 CVE-2017-17539 Use of Hard-coded Credentials vulnerability in Fortinet Fortiwlc
The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell.
network
low complexity
fortinet CWE-798
critical
9.8
2018-05-05 CVE-2018-10723 Use of Hard-coded Credentials vulnerability in Rangerstudio Directus 6.4.9
Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT statement in api/schema.sql.
network
low complexity
rangerstudio CWE-798
critical
9.8
2018-05-04 CVE-2018-8857 Use of Hard-coded Credentials vulnerability in Philips products
Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) contains fixed credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
local
low complexity
philips CWE-798
7.8
2018-05-03 CVE-2018-10167 Use of Hard-coded Credentials vulnerability in Tp-Link EAP Controller 2.5.4/2.6.0
The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it.
network
high complexity
tp-link CWE-798
7.5
2018-05-02 CVE-2018-6401 Use of Hard-coded Credentials vulnerability in Meross Mss110 Firmware 1.1.24
Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an undocumented admin account with a blank password.
network
low complexity
meross CWE-798
critical
9.8