CWE-259

High likelihood

Use of Hard-coded Password

Parent: CWE-798 - Use of Hard-coded Credentials

The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.

194 vulnerabilities with CWE-259
CVE-2024-7155 LOW
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Info Disclosure
CVSS 2.5
CVE-2024-39345 HIGH
AdTran SDG SmartOS < 12.1.3.1 - Unauthenticated Remote Code Execution via Hardcoded Support Account
CVSS 7.2
CVE-2024-36526 CRITICAL
ZKTeco ZKBio CVSecurity <6.1.1 - Info Disclosure
CVSS 9.8
CVE-2024-4708 CRITICAL
mySCADA myPRO < 8.31.0 - Remote Code Execution via Hard-coded Password
CVSS 9.8
CVE-2024-38902 CRITICAL
H3C Magic R230 V100R002 - Info Disclosure
CVSS 9.8
CVE-2024-5275 HIGH
FileCatalyst <3.8.10-5.1.6 - Info Disclosure
CVSS 7.8
CVE-2024-37644 HIGH
TRENDnet TEW-814DAP v1_FW1.01B01 - Info Disclosure
CVSS 8.8
CVE-2024-34539 CRITICAL
TerraMaster TOS <5.1 - Info Disclosure
CVSS 9.4
CVE-2024-27164 HIGH
Toshiba Tec e-Studio multi-function peripheral (MFP) - Use of Hard-coded Password
CVSS 7.1
CVE-2024-28023 MEDIUM
Message Queueing Mechanism - Info Disclosure
CVSS 5.7
CVE-2024-3700 CRITICAL
Estomed Sp. z o.o. Simple Care - Info Disclosure
CVSS 9.8
CVE-2024-3699 CRITICAL
drEryk Gabinet <9.17.0.0 - Info Disclosure
CVSS 9.8
CVE-2024-1228 CRITICAL
Eurosoft Przychodnia <20240417.001 - Info Disclosure
CVSS 9.8
CVE-2024-2420 CRITICAL
LenelS2 NetBox <5.6.1 - Auth Bypass
CVSS 9.8
CVE-2024-35395 HIGH
TOTOLINK CP900L <4.1.5cu.798_B20221228 - Info Disclosure
CVSS 8.8
CVE-2024-2038 HIGH
Atarim WordPress Plugin <3.22.6 - Auth Bypass
CVSS 7.5
CVE-2024-34025 CRITICAL
CyberPower PowerPanel - Auth Bypass
CVSS 9.8
CVE-2024-33625 CRITICAL
CyberPower PowerPanel - Auth Bypass
CVSS 9.8
CVE-2024-33867 MEDIUM
linqi < 1.4.0.1 - Use of Hard-coded Password Salt
CVSS 4.8
CVE-2024-32741 CRITICAL
SIMATIC CN 4100 < V3.0 - Privilege Escalation
CVSS 10.0
CVE-2024-34211 HIGH
TOTOLINK CP450 <4.1.0cu.747_B20191224 - Info Disclosure
CVSS 8.8
CVE-2024-31810 CRITICAL
TOTOLINK EX200 V4.0.3c.7646 - Info Disclosure
CVSS 9.8
CVE-2024-29011 HIGH
SonicWall GMS <= 9.3.4 - Authentication Bypass via Hard-coded Password
CVSS 7.5
CVE-2024-32210 MEDIUM
LoMag WareHouse Mgmt <1.0.20.120 - Info Disclosure
CVSS 5.3
CVE-2024-21990 MEDIUM
ONTAP Select Deploy <9.14.1.x - Info Disclosure
CVSS 5.4
Details
Vulnerabilities 194
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits