CWE-259

High likelihood

Use of Hard-coded Password

Parent: CWE-798 - Use of Hard-coded Credentials

The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.

194 vulnerabilities with CWE-259
CVE-2024-28066 HIGH
Unify CP IP Phone <1.10.4.3 - Info Disclosure
CVSS 8.8
CVE-2024-27488 CRITICAL
ZLMediaKit <8.0 - Privilege Escalation
CVSS 9.8
CVE-2024-28010 CRITICAL
NEC Corporation Various Products - Use After Free
CVSS 9.8
CVE-2024-26196 MEDIUM
Microsoft Edge for Android < 122.0.2365.63 - Information Disclosure via Hard-coded Password
CVSS 4.3
CVE-2024-2197 MEDIUM
Chirp Access < v1.26.0 - Use of Hard-coded Password in Bluetooth Beacon Configuration
CVSS 4.3
CVE-2024-27774 HIGH
Unitronics Unistream Unilogic - Info Disclosure
CVSS 7.5
CVE-2023-37231 CRITICAL
Loftware Spectrum <4.6 HF14 - Code Injection
CVSS 9.8
CVE-2023-46685 CRITICAL
LevelOne WBR-6013 - Command Injection
CVSS 9.8
CVE-2023-51629 HIGH
D-Link DCS-8300LHV2 Firmware < 1.07.02 - Unauthenticated Authentication Bypass via ONVIF Hardcoded PIN
CVSS 8.8
CVE-2023-32145 HIGH
D-Link DAP-1360 and DAP-2020 Firmware - Unauthenticated Authentication Bypass via Hardcoded Credentials
CVSS 8.8
CVE-2023-49963 HIGH
DYMO LabelWriter Print Server <2.366 - RCE
CVSS 8.8
CVE-2023-50948 MEDIUM
IBM Storage Fusion HCI <2.7 - Info Disclosure
CVSS 6.5
CVE-2023-28895 LOW
MIB3 Firmware < 0304 - Hard-coded Password for PWC Debugging Console
CVSS 3.5
CVE-2023-41713 HIGH
SonicOS < 7.0.1-5145 - Use of Hard-coded Password in dynHandleBuyToolbar Demo Function
CVSS 7.5
CVE-2023-5222 MEDIUM
Viessmann Vitogate 300 <2.1.3.0 - Hard-Coded Password
CVSS 6.3
CVE-2023-41030 MEDIUM
Juplink RX4-1500 <V1.0.5 - Info Disclosure
CVSS 6.3
CVE-2023-23771 HIGH
Motorola MBTS Base Radio - Auth Bypass
CVSS 8.4
CVE-2023-23770 CRITICAL
Motorola MBTS Site Controller - Auth Bypass
CVSS 9.4
CVE-2023-3237 MEDIUM
otcms < 6.62 - Use of Hard-coded Password
CVSS 6.3
CVE-2023-2061 MEDIUM
Mitsubishi Electric Corporation MELSEC iQ-R/F - Info Disclosure
CVSS 6.2
CVE-2023-1944 HIGH
Kubernetes Minikube - Default SSH Password
CVSS 8.4
CVE-2023-2799 MEDIUM
cnoa OA <5.1.1.5 - Hard-Coded Password
CVSS 6.3
CVE-2023-2645 CRITICAL
USR USR-G806 1.0.41 - Hard-Coded Password
CVSS 9.8
CVE-2023-29103 MEDIUM
SIMATIC Cloud Connect - Info Disclosure
CVSS 4.3
CVE-2023-0808 LOW
Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.47 -...
CVSS 3.9
Details
Vulnerabilities 194
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits