CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,713 vulnerabilities with CWE-798
CVE-2024-29170 HIGH
Dell PowerScale OneFS 8.2.0-9.8.0.0 - Use of Hard-coded Credentials
CVSS 8.1
CVE-2024-36782 CRITICAL
TOTOLINK CP300 V2.0.4-B20201102 - Info Disclosure
CVSS 9.8
CVE-2024-5514 CRITICAL
MinMax CMS - Use of Hard-coded Credentials
CVSS 9.8
CVE-2024-36049 MEDIUM
Aptos Wisal Payroll Accounting <7.1.6 - Info Disclosure
CVSS 6.5
CVE-2024-35396 CRITICAL
TOTOLINK CP900L v4.1.5cu.798_B20221228 - Hardcoded Password for Telnet
CVSS 9.8
CVE-2024-32988 HIGH
OfferBox <2.3.17-2.6.14 - Info Disclosure
CVSS 7.5
CVE-2024-4844 HIGH
Trellix ePO <5.10 SP1U2 - Info Disclosure
CVSS 7.5
CVE-2024-32053 CRITICAL
CyberPower PowerPanel - Info Disclosure
CVSS 9.8
CVE-2024-27107 CRITICAL
GE HealthCare EchoPAC - Info Disclosure
CVSS 9.6
CVE-2024-32740 CRITICAL
SIMATIC CN 4100 < 3.0 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2024-34219 HIGH
TOTOLINK CP450 V4.1.0cu.747_B20191224 - Use of Hard-coded Credentials in SetTelnetCfg
CVSS 8.6
CVE-2024-31810 CRITICAL
TOTOLINK EX200 V4.0.3c.7646 - Info Disclosure
CVSS 9.8
CVE-2024-23473 HIGH
SolarWinds Access Rights Manager < 2023.2.4 - Hard-coded Credential Authentication Bypass
CVSS 8.6
CVE-2024-3544 HIGH
Progress LoadMaster < 7.2.48.11, 7.2.49.0-7.2.54.10, 7.2.55.0-7.2.59.4 - Hard-coded SSH Credentials
CVSS 7.5
CVE-2024-22813 MEDIUM
Tormach PathPilot Controller 2.9.6 - Hardcoded IP Address Overwrite
CVSS 4.4
CVE-2024-29966 HIGH
Brocade SANnav <2.3.1-2.3.0a - Info Disclosure
CVSS 7.5
CVE-2024-29963 LOW
Brocade SANnav <2.3.1-2.3.0a - Info Disclosure
CVSS 1.9
CVE-2024-29960 MEDIUM
Brocade SANnav <2.3.1-2.3.0a - MITM
CVSS 6.8
CVE-2024-21990 MEDIUM
ONTAP Select Deploy <9.14.1.x - Info Disclosure
CVSS 5.4
CVE-2024-31873 HIGH
IBM Security Verify Access Appliance <10.0.8 - Info Disclosure
CVSS 7.5
CVE-2024-29063 HIGH
Azure AI Search - Information Disclosure via Hard-coded Credentials
CVSS 7.3
CVE-2024-3272 CRITICAL KEV
D-Link DNS-320L, DNS-325, DNS-327L, DNS-340L <20240403 - Hard-coded Credentials in nas_sharing.cgi
CVSS 9.8
CVE-2024-3130 MEDIUM
CoolKit eWeLlink <5.4.x - Info Disclosure
CVSS 5.7
CVE-2024-2161 CRITICAL
Kiloview NDI N3 N3-s N4 N20 N30 N40 - Unauthenticated Authentication Bypass via Hard-coded Credentials
CVSS 9.8
CVE-2024-22083 MEDIUM
Espec G5 <1.1.4.15 - Code Injection
CVSS 6.5
Details
Vulnerabilities 1,713
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits