Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,363 vulnerabilities with CWE-522

CVE-2018-15717 MEDIUM

Open Dental <18.4 - Info Disclosure

CVE-2018-16791 CRITICAL

SolarWinds SFTP/SCP Server <2018-09-10 - Info Disclosure

CVE-2018-19795 MEDIUM

ChipsBank UMPTool - Info Disclosure

CVE-2018-16223 CRITICAL

qbeecam < 1.0.5 - Insecure Credential Storage in Preferences File

CVE-2018-16222 MEDIUM

iSmartAlarm < 2.0.8 - Cleartext Credential Storage in Configuration File

CVE-2018-12038 MEDIUM

Samsung 840 EVO - Privilege Escalation

CVE-2018-19078 CRITICAL

Foscam Opticam i5 - Insufficiently Protected Credentials via ONVIF GetStreamUri Response

CVE-2018-17922 CRITICAL

Circontrol CirCarLife < 4.3.1 - Unauthenticated Cleartext Credential Exposure in Log File

CVE-2018-8858 CRITICAL

VGo Robot <3.0.3.53662 - Info Disclosure

CVE-2018-18754 CRITICAL

ZyXEL VMG3312-B10B 1.00(AAPP.7) - Insufficiently Protected Credentials

CVE-2018-18656 HIGH

PureVPN < 6.1.0 - Cleartext Credential Storage in Login Configuration File

CVE-2018-9280 MEDIUM

Eaton 9PX UPS 8000 SP - Insufficiently Protected SNMPv3 Credentials

CVE-2018-9279 MEDIUM

Eaton 9PX UPS 8000 SP - Insufficiently Protected Credentials via Webpage Source Code

CVE-2018-11079 MEDIUM

Dell EMC Secure Remote Services < 3.32.00.08 - Plaintext Password Storage in Configuration File

CVE-2018-12383 MEDIUM

Firefox <62 - Info Disclosure

CVE-2018-10824 CRITICAL

D-Link DWR-116/DIR-140L/DIR-640L/DWR-512/DWR-712/DWR-912/DWR-921/DWR-111 - Password Exposure via Path Traversal

CVE-2018-17900 CRITICAL

Yokogawa STARDOM Controllers FCJ FCN-100 FCN-RTU FCN-500 < R4.10 - Insufficiently Protected Credentials

CVE-2018-13789 HIGH

Descor Infocad FM <3.1.0.0 - Info Disclosure

CVE-2018-18074 HIGH

python/requests < 2.20.0 - Credential Exposure via HTTPS-to-HTTP Redirect

CVE-2018-14081 CRITICAL

D-Link DIR-809 A1 < 1.09, A2 < 1.11, and Guest Zone < 1.09 - Insufficiently Protected Credentials

CVE-2018-17871 MEDIUM

Verba Collaboration <9.2.1.5545 - Info Disclosure

CVE-2018-17969 CRITICAL

Samsung SCX-6545X Firmware V2.00.03.01 - Unauthenticated Cleartext Credential Exposure via SNMP Requests

CVE-2018-11752 MEDIUM

Puppet cisco_ios < 0.4.0 - Unauthenticated Credential Exposure via World-Readable Debug File

CVE-2018-11748 HIGH

Puppet device_manager < 2.7.0 - Insufficiently Protected Credentials

CVE-2018-16984 MEDIUM

Django 2.1 - Unauthenticated Password Hash Exposure via Read-Only Password Widget

Previous Page 48 of 55 Next

Details

Vulnerabilities 1,363

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy