Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-798

CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,712 vulnerabilities with CWE-798

CVE-2024-5764 MEDIUM

Sonatype Nexus Repository 3.0.0-3.72.0 - Use of Hard-coded Credentials in Configuration Database Encryption

CVE-2024-4740 MEDIUM

MXsecurity < 1.1.0 - Use of Hard-coded Credentials

CVE-2024-48192 HIGH

Tenda G3 v15.01.0.5(2848_755)_EN - Use of Hard-coded Credentials in /etc_ro/shadow

CVE-2024-10025 CRITICAL

SICK CLV6xx, Lector6xx, and RFx6xx - Use of Hard-coded Credentials

CVE-2024-20280 MEDIUM

Cisco UCS Central Software - Info Disclosure

CVE-2024-9594 MEDIUM

kubernetes-sigs/image_builder <= v0.1.37 - Use of Hard-coded Credentials in Nutanix, OVA, QEMU, and Raw Providers

CVE-2024-9486 CRITICAL

kubernetes-sigs/image_builder <= 0.1.37 - Use of Hard-coded Credentials in Proxmox Provider

CVE-2024-45275 CRITICAL

Helmholz REX 100 and MBConnectLine MBnet.mini Firmware <= 2.3.1 - Hardcoded Credentials

CVE-2024-7206 HIGH

eWeLink Zigbee Bridge Pro <= 2.0.0 - SSL Pinning Bypass Secret Extraction

CVE-2024-28812 HIGH

Infinera hiT 7300 5.60.50 - Unauthenticated Remote Code Execution via Hardcoded SSH Credentials

CVE-2024-28809 HIGH

Infinera hiT 7300 5.60.50 - Cleartext Storage of Sensitive Password in Firmware Update Packages

CVE-2024-8450 HIGH

PLANET GS-4210-24P2S and GS-4210-24PL4C Firmware - Use of Hard-coded Credentials in SNMPv1 Service

CVE-2024-8449 MEDIUM

PLANET Technology - Unauthenticated RCE

CVE-2024-8448 HIGH

PLANET Technology - Command Injection

CVE-2024-23958 MEDIUM

Autel MaxiCharger AC Elite Business C50 - Unauthenticated Bypass via BLE Hardcoded Credentials

CVE-2024-43423 CRITICAL

ProGauge MAGLINK LX4 CONSOLE - Info Disclosure

CVE-2024-45861 HIGH

Kastle Access Control System Firmware < 2024-05-01 - Use of Hard-coded Credentials

CVE-2024-45698 CRITICAL

D-Link DIR-X4860 Firmware - Unauthenticated OS Command Injection via Telnet Service

CVE-2024-6656 CRITICAL

TNB Mobile Solutions Cockpit Software <2.13 - Info Disclosure

CVE-2024-28990 MEDIUM

SolarWinds Access Rights Manager < 2024.3.1 - Authentication Bypass via Hard-coded Credentials

CVE-2024-39582 LOW

Dell PowerScale InsightIQ 5.0 - Use of Hard-coded Credentials

CVE-2024-39585 HIGH

Dell SmartFabric OS10 10.5.5.4-10.5.5.10 and 10.5.6.x - Use of Hard-coded Password

CVE-2024-20439 CRITICAL KEV

Cisco Smart Licensing Utility - Auth Bypass

CVE-2024-35118 MEDIUM

IBM MaaS360 for Android 6.31-8.60 - Use of Hard-coded Credentials

CVE-2024-6633 CRITICAL

FileCatalyst Workflow - Info Disclosure

Previous Page 16 of 69 Next

Details

Vulnerabilities 1,712

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy