CVE & Exploit Intelligence Database

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked | 53,223 with exploits | 4,686 exploited in wild | 1,539 CISA KEV | 3,912 Nuclei templates | 37,757 vendors | 42,429 researchers
88 results
CVE-2026-28713 7.1 HIGH EPSS 0.00
Acronis Cyber Protect - Auth Bypass
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.
CWE-1392 Mar 06, 2026
CVE-2026-22886 9.8 CRITICAL EPSS 0.00
OpenMQ - Auth Bypass
OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires authentication. However, the product ships with a default administrative account (admin/admin) and does not enforce a mandatory password change on first use. After the first successful login, the server continues to accept the default password indefinitely without warning or enforcement. In real-world deployments, this service is often left enabled without changing the default credentials. As a result, a remote attacker with access to the service port could authenticate as an administrator and gain full control of the protocol’s administrative features.
CWE-1393 Mar 03, 2026
CVE-2026-27751 9.8 CRITICAL EPSS 0.00
SODOLA SL902-SWTGW124AS <200.1.20 - Auth Bypass
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement to gain full administrative control of the device.
CWE-1392 Feb 27, 2026
CVE-2026-26341 9.8 CRITICAL EPSS 0.00
Tattile Smart+/Vega/Basic <1.181.5 - Auth Bypass
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain administrative access, enabling unauthorized access to device configuration and data.
CWE-1392 Feb 24, 2026
CVE-2026-26366 9.8 CRITICAL EPSS 0.00
eNet SMART HOME 2.2.1/2.3.1 - Auth Bypass
eNet SMART HOME server 2.2.1 and 2.3.1 ships with default credentials (user:user, admin:admin) that remain active after installation and commissioning without enforcing a mandatory password change. Unauthenticated attackers can use these default credentials to gain administrative access to sensitive smart home configuration and control functions.
CWE-1392 Feb 15, 2026
CVE-2025-54756 8.4 HIGH 1 Writeup EPSS 0.00
BrightSign OS <8.5.53.1,9.0.166 - Info Disclosure
BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 use a default password that is guessable with knowledge of the device information. The latest release fixes this issue for new installations; users of old installations are encouraged to change all default passwords.
CWE-1392 Feb 12, 2026
CVE-2026-1972 5.3 MEDIUM EPSS 0.00
Edimax BR-6208AC 2_1.02 - Info Disclosure
A vulnerability was found in Edimax BR-6208AC 2_1.02. The affected element is the function auth_check_userpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.
CWE-1392 Feb 06, 2026
CVE-2026-1803 8.1 HIGH 1 Writeup EPSS 0.00
Ziroom ZHOME A0101 1.0.1.0 - Default Credentials
A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear SSH Service. This manipulation causes use of default credentials. Remote exploitation of the attack is possible. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CWE-1392 Feb 03, 2026
CVE-2025-7740 EPSS 0.00
SuprOS - Privilege Escalation
A default credentials vulnerability exists in the SuprOS product. If exploited, this could allow an authenticated local attacker to use an admin account created during product deployment.
CWE-1392 Jan 28, 2026
CVE-2025-59108 EPSS 0.00
Access Manager - Info Disclosure
By default, the password for the Access Manager's web interface is set to 'admin'. In the tested version, changing the password was not enforced.
CWE-1392 Jan 26, 2026
CVE-2026-22273 8.8 HIGH EPSS 0.00
Dell ECS <3.8.1.7 & Dell ObjectScale <4.2.0.0 - Privilege Escalation
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale, versions prior to 4.2.0.0, contain a Use of Default Credentials vulnerability in the OS. A low-privileged attacker with remote access could potentially exploit this vulnerability, leading to elevation of privileges.
CWE-1392 Jan 23, 2026
CVE-2025-58744 7.5 HIGH EPSS 0.00
Milner ImageDirector Capture <7.6.3.25808 - Default Credentials
Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with a hard-coded application encryption key. This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808.
CWE-1392 Jan 20, 2026
CVE-2020-36915 7.5 HIGH 1 PoC Analysis EPSS 0.00
Adtec Digital SignEdje <2.08.28 - Unauthenticated RCE
Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec Digital product versions.
CWE-1392 Jan 06, 2026
CVE-2022-50803 9.8 CRITICAL EPSS 0.00
JM-DATA ONU JF511-TV <1.0.67 - Privilege Escalation
JM-DATA ONU JF511-TV version 1.0.67 uses default credentials that allow attackers to gain unauthorized access to the device with administrative privileges.
CWE-1392 Dec 30, 2025
CVE-2018-25147 7.5 HIGH 1 PoC Analysis EPSS 0.00
Microhard Systems IPn4G 1.1.0 - Privilege Escalation
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations.
CWE-1392 Dec 24, 2025
CVE-2021-47707 1 PoC Analysis EPSS 0.00
COMMAX CVD-Axx DVR 5.1.4 - Info Disclosure
COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote password attacks and disclose the RTSP stream. Attackers can exploit this by sending a POST request with the 'passkey' parameter set to '1234', allowing them to access the web control panel.
CWE-1392 Dec 09, 2025
CVE-2025-54303 9.8 CRITICAL EPSS 0.00
Thermo Fisher Torrent Suite Django 5.18.1 - Info Disclosure
The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default credentials; however, a password change policy for default administrative accounts is not enforced. Many deployments may retain default credentials, in which case an attacker is likely to be able to successfully authenticate with administrative privileges.
CWE-1392 Dec 04, 2025
CVE-2025-12592 EPSS 0.00
Legacy Vivotek Device - Info Disclosure
Legacy Vivotek Device firmware uses default credentials for the root and user login accounts.
CWE-1392 Nov 19, 2025
CVE-2025-12218 9.1 CRITICAL EPSS 0.00
BLU-IC2, IC4 <1.19.5 - Info Disclosure
Weak Default Credentials. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CWE-1392 Oct 25, 2025
CVE-2025-12217 9.1 CRITICAL EPSS 0.00
BLU-IC2 <1.19.5 - Info Disclosure
SNMP Default Community String (public). This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CWE-1392 Oct 25, 2025