Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-521

CWE-521

Weak Password Requirements

Parent: CWE-1391 - Use of Weak Credentials

The product does not require that users should have strong passwords.

257 vulnerabilities with CWE-521

CVE-2026-11493 MEDIUM

Tenda AC15 Samba smb.conf weak password

CVE-2026-9394 LOW

Besen BS20 EV Charging Station Bluetooth Low Energy weak password

CVE-2026-41038 HIGH

Weak Password Policy Vulnerability in Quantum Networks Router QN-I-470

CVE-2026-6284 CRITICAL

Horner Automation Cscape and XL4, XL7 PLC Weak password requirements

CVE-2026-33771 HIGH

CTP OS: Configuring password requirements does not work which permits the use of weak passwords

CVE-2026-34203 LOW

Nautobot: Management of users via REST API does not apply configured password validators

CVE-2026-27575 CRITICAL

Vikunja < 2.0.0 - Insufficient Session Expiration and Weak Password Enforcement

CVE-2026-25715 CRITICAL

USR-W610 < 3.1.1.0 - Unauthenticated Administrative Access via Blank Credentials

CVE-2026-1408 LOW

Beetel 777VR1 <01.00.09/01.00.09_55 - Info Disclosure

CVE-2025-55269 MEDIUM

HCL Aftermarket DPC is affected by Weak Password Policy vulnerability

CVE-2025-55252 LOW

HCL AION 2 - Weak Password Requirements

CVE-2025-68963 MEDIUM

Huawei EMUI - Man-in-the-Middle Attack in Clone Module

CVE-2025-68716 HIGH

KAYSUS KS-WR3600 Firmware 1.0.5.9.1 - Unauthenticated Root Shell Access via SSH

CVE-2025-23408 MEDIUM

Apache Fineract <1.10.1 - Info Disclosure

CVE-2025-67513 MEDIUM

FreePBX <16.0.96 & <17.0.1-9 - Info Disclosure

CVE-2025-53963 CRITICAL

Thermo Fisher Ion Torrent OneTouch 2 - RCE

CVE-2025-65014 LOW

LibreNMS <25.11.0 - Info Disclosure

CVE-2025-63800 HIGH

Open Source Point of Sale 3.4.1 - Info Disclosure

CVE-2025-63747 CRITICAL

QaTraq 6.9.2 - Unauthenticated Default Credentials Exposure

CVE-2025-55034 HIGH

General Industrial Controls Lynx+ Gateway - Info Disclosure

CVE-2025-12552 CRITICAL

BLU-IC2 and BLU-IC4 Firmware < 1.20 - Weak Password Requirements

CVE-2025-11200 CRITICAL

MLflow < 2.21.0 and < 2.22.0rc0 - Unauthenticated Authentication Bypass via Weak Password Requirements

CVE-2025-12364 CRITICAL

BLU-IC2, IC4 <1.19.5 - Info Disclosure

CVE-2025-12285 CRITICAL

BLU-IC2 and BLU-IC4 < 1.20 - Weak Password Requirements

CVE-2025-60954 HIGH

Microweber CMS 2.0 - Info Disclosure

Page 1 of 11 Next

Details

Vulnerabilities 257

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy