The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.
43 vulnerabilities with CWE-1391
CVE-2026-22886
CRITICAL
OpenMQ - Auth Bypass
CVSS 9.8
CVE-2026-24449
MEDIUM
WRC-X1500GS-B/WRC-X1500GSA-B - Info Disclosure
CVSS 4.6
CVE-2025-59103
Access Manager 92xx - Info Disclosure
CVE-2026-22920
LOW
Device <unknown> - Info Disclosure
CVSS 3.7
CVE-2026-22910
HIGH
Device - Info Disclosure
CVSS 7.5
CVE-2025-59460
HIGH
Default Deployment - Info Disclosure
CVSS 7.5
CVE-2025-30519
CRITICAL
Dover Fueling Solutions ProGauge MagLink LX4 - Privilege Escalation
CVSS 9.8
CVE-2025-6737
HIGH
Securden's Unified PAM - Privilege Escalation
CVSS 7.2
CVE-2025-55584
MEDIUM
TOTOLINK A3002R v4.0.0-B20230531.1404 - Info Disclosure
CVSS 5.3
CVE-2025-35970
HIGH
SEIKO EPSON/FUJIFILM - Info Disclosure
CVSS 7.5
CVE-2025-6077
CRITICAL
Partner Software - Info Disclosure
CVSS 9.8
CVE-2025-53558
HIGH
ZTE Japan K.K. - Auth Bypass
CVSS 8.8
CVE-2025-6523
HIGH
Devolutions Server <2025.2.3.0 - Auth Bypass
CVSS 7.7
CVE-2025-52364
HIGH
Tenda CP3 Pro Firmware V22.5.4.93 - RCE
CVSS 7.5
CVE-2024-51978
CRITICAL
Unknown Device - Info Disclosure
CVSS 9.8
CVE-2025-4057
MEDIUM
ActiveMQ Artemis - Info Disclosure
CVSS 5.5
CVE-2025-32471
LOW
Device <unknown> - Info Disclosure
CVSS 3.7
CVE-2025-2229
HIGH
Token Generation - Info Disclosure
CVSS 7.7
CVE-2025-1081
LOW
Bharti Airtel Xstream Fiber <20250123 - Info Disclosure
CVSS 3.1
CVE-2025-22936
MEDIUM
Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router - Info Disclosure
CVSS 5.7
CVE-2024-52331
HIGH
ECOVACS - Code Injection
CVSS 7.5
CVE-2024-43659
HIGH
Iocharger AC <25010801 - Info Disclosure
CVSS 7.2
CVE-2024-11717
CTFd <3.7.4 - Info Disclosure
CVE-2024-12728
CRITICAL
Sophos Firewall <20.0.3 - Privilege Escalation
CVSS 9.8
CVE-2024-45722
HIGH
Ruijie Reyee OS <2.320 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
43