CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,712 vulnerabilities with CWE-798
CVE-2024-4708 CRITICAL
mySCADA myPRO < 8.31.0 - Remote Code Execution via Hard-coded Password
CVSS 9.8
CVE-2024-38480 MEDIUM
Piccoma App for Android and iOS < 6.20.0 - Hard-coded API Key Exposure
CVSS 4.0
CVE-2024-39208 CRITICAL
luci-app-lucky v2.8.3 - Info Disclosure
CVSS 9.8
CVE-2024-39374 CRITICAL
marKoni D Compact and DH Exciter+Amplifiers Firmware < 2.0.1 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2024-0949 CRITICAL
Talya Informatics Elektraweb <17.0.68 - Auth Bypass
CVSS 9.8
CVE-2024-33329 HIGH
Lumisxp 15.0.x-16.1.x - Unauthenticated Authentication Bypass via Hardcoded Credentials
CVSS 7.5
CVE-2024-5460 HIGH
Brocade Fabric OS < 9.0.0 - Authenticated Data Exposure via SNMP Default Community String
CVSS 8.1
CVE-2024-36496 HIGH
Faronics WINSelect - Information Disclosure via Static Encryption Key
CVSS 7.5
CVE-2024-36480 CRITICAL
Ricoh Streamline NX PC Client <3.7.2 - Privilege Escalation
CVSS 9.8
CVE-2024-6045 HIGH
D-Link Multiple Models < 1.10.01/1.10.02/1.20.01 - Unauthenticated Hard-coded Credentials Exposure via Telnet Backdoor
CVSS 8.8
CVE-2024-38466 CRITICAL
Shenzhen Guoxin Synthesis <8.3.0 - Info Disclosure
CVSS 9.8
CVE-2024-27170 HIGH
Toshiba Tec e-Studio multi-function peripheral (MFP) - Use of Hard-coded Credentials for WebDAV Access
CVSS 7.4
CVE-2024-27168 HIGH
Toshiba Tec e-Studio multi-function peripheral (MFP) - Use of Hard-coded Credentials
CVSS 7.1
CVE-2024-27161 MEDIUM
Toshiba Tec e-Studio multi-function peripheral (MFP) - Use of Hard-coded Credentials
CVSS 6.2
CVE-2024-27160 MEDIUM
Toshiba Tec e-Studio multi-function peripheral (MFP) - Use of Hard-coded Credentials for Log Encryption
CVSS 6.2
CVE-2024-27159 MEDIUM
Toshiba Tec e-Studio multi-function peripheral (MFP) - Use of Hard-coded Credentials for Log Encryption
CVSS 6.2
CVE-2024-37630 HIGH
D-Link DIR-605L v2.13B01 - Use of Hard-coded Credentials in /etc/passwd
CVSS 8.8
CVE-2024-38281 CRITICAL
Motorola Vigilant Fixed LPR COMS Box Firmware <= 3.1.171.9 - Hardcoded Credentials
CVSS 9.8
CVE-2024-0865 HIGH
EcoStruxure IT Gateway < 1.21.0 - Local Privilege Escalation via Hard-coded Credentials
CVSS 7.8
CVE-2024-29855 CRITICAL
Veeam Recovery Orchestrator - Auth Bypass
CVSS 9.0
CVE-2024-3700 CRITICAL
Estomed Sp. z o.o. Simple Care - Info Disclosure
CVSS 9.8
CVE-2024-3699 CRITICAL
drEryk Gabinet <9.17.0.0 - Info Disclosure
CVSS 9.8
CVE-2024-1228 CRITICAL
Eurosoft Przychodnia <20240417.001 - Info Disclosure
CVSS 9.8
CVE-2024-3408 CRITICAL
D-Tale RCE
CVSS 9.8
CVE-2024-29170 HIGH
Dell PowerScale OneFS 8.2.0-9.8.0.0 - Use of Hard-coded Credentials
CVSS 8.1
Details
Vulnerabilities 1,712
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits