Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-798

CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,719 vulnerabilities with CWE-798

CVE-2022-26020 MEDIUM

InHand Networks InRouter302 V3.5.4 - Info Disclosure

CVE-2022-23724 MEDIUM

PingIdentity PingID Integration for Windows Login <= 2.4.2 - Authentication Bypass

CVE-2022-29856 HIGH

Automation360 22 - Use of Hard-coded Cryptographic Key

CVE-2022-23942 HIGH

Apache Doris <1.0.0 - Info Disclosure

CVE-2022-26672 HIGH

ASUS WebStorage < 3.10.2 - Unauthenticated Use of Hard-coded Credentials

CVE-2022-20773 HIGH

Cisco Umbrella Virtual Appliance (VA) - Privilege Escalation

CVE-2022-24860 HIGH

Databasir 1.01 - Use of Hard-coded Cryptographic Key

CVE-2022-28810 MEDIUM KEV

ManageEngine ADSelfService Plus Custom Script Execution

CVE-2022-27506 LOW

Citrix SD-WAN Firmware < 11.4.1 - Use of Hard-coded Credentials via SD-WAN CLI

CVE-2022-22560 HIGH

Dell EMC PowerScale OneFS - Hard Coded Credentials

CVE-2022-26671 HIGH

Taiwan Secom Dr.ID Access Control - Info Disclosure

CVE-2022-23440 HIGH

FortiEDR 4.0.0-5.0.2 - Use of Hard-coded Cryptographic Key in Registration Mechanism

CVE-2022-23441 CRITICAL

FortiEDR 4.0.0, 5.0.0-5.0.2 - Unauthenticated Message Forgery via Hard-coded Cryptographic Key

CVE-2022-1162 CRITICAL

GitLab 14.7-14.7.6, 14.8-14.8.4, 14.9-14.9.1 - Authentication Bypass via Hardcoded OmniAuth Password

CVE-2022-25569 CRITICAL

Bettinivideo Sgsetup - Hard-coded Credentials

CVE-2022-24693 CRITICAL

Baicells Nova436Q & Neutrino 430 - Info Disclosure

CVE-2022-25521 CRITICAL

NUUO Network Video Recorder Firmware < 1.0 - Use of Hard-coded Credentials

CVE-2022-25577 CRITICAL

alf-banco < 8.2.5 - Use of Hard-coded Credentials for SQLite Database Encryption

CVE-2022-26660 HIGH

RunAsSpc 4.0 - Use of Hard-coded Credentials

CVE-2022-25246 CRITICAL

PTC Axeda Agent and Desktop Server - Use of Hard-coded Credentials

CVE-2022-23402 CRITICAL

Yokogawa CENTUM VP R5.01.00-R5.04.20 and R6.01.00-R6.08.00 and Exaopc R3.72.00-R3.79.00 - Use of Hard-coded Credentials

CVE-2022-21194 CRITICAL

Yokogawa CENTUM VP R5.01.00-R5.04.20 and R6.01.00-R6.08.00 and Exaopc R3.72.00-R3.79.00 - Use of Hard-coded Credentials

CVE-2022-25510 HIGH

FreeTAKServer < 1.9.8.5 - Authentication Bypass via Hardcoded Flask Secret Key

CVE-2022-25217 HIGH

Phicomm K2 <22.5.9.163 & K3C <32.1.15.93 - Unauthenticated Root Shell via Hard-coded RSA Key

CVE-2022-25213 MEDIUM

Phicomm K2/K2G/K2P/K3/K3C Firmware - Unauthenticated Root Shell via UART Port

Previous Page 35 of 69 Next

Details

Vulnerabilities 1,719

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy