Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-798

CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,719 vulnerabilities with CWE-798

CVE-2022-25045 CRITICAL

Home Owners Collection Management System v1.0 - Use of Hard-coded Credentials

CVE-2022-24255 HIGH

Extensis Portfolio v4.0 - Privilege Escalation

CVE-2022-25329 CRITICAL

Trend Micro ServerProtect 6.0/5.8 - Unauthenticated Use of Hard-coded Credentials

CVE-2022-23650 HIGH

Netmaker <0.8.5, 0.9.4, 0.10.0 - Command Injection

CVE-2022-22765 HIGH

BD Viper LT System Firmware 2.0-4.80 - Use of Hard-coded Credentials

CVE-2022-22766 HIGH

BD Pyxis Products - Use of Hard-coded Credentials

CVE-2022-22813 CRITICAL

Schneider Electric Easergy P141-P443 Firmware - Use of Hard-coded Credentials

CVE-2022-22987 CRITICAL

Advantech ADAM-3600 Firmware <= 2.6.2 - Hardcoded Private Key

CVE-2022-22722 HIGH

Easergy P5 Firmware < 01.401.101 - Use of Hard-coded Credentials

CVE-2022-21199 MEDIUM

Reolink RLC-410W Firmware 3.0.0.136_20121102 - Information Disclosure via Hardcoded TLS Key

CVE-2022-22928 CRITICAL

MCMS v5.2.4 - Remote Code Execution via Hardcoded Shiro Key

CVE-2022-0131 LOW

Jimoty App <3.7.42 - Info Disclosure

CVE-2022-22056 CRITICAL

Le-yan Dental Management - Privilege Escalation

CVE-2022-21669 CRITICAL

puddingbot < 0.0.6-b933652 - Use of Hard-coded Credentials in main.py

CVE-2022-22845 CRITICAL

QXIP SIPCAPTURE homer-app < 1.4.28 - Use of Hard-coded JWT Secret Key

CVE-2021-47796 CRITICAL

Denver SHC-150 Smart Wifi Camera - RCE

CVE-2021-47744 HIGH

Cypress Solutions CTM-200/CTM-ONE <1.3.6 - Code Injection

CVE-2021-22126 MEDIUM

FortiWLC 8.2.6-8.2.7, 8.3.2-8.3.3, <=8.4.8, <=8.5.2 - Authenticated Hard-Coded Password Use

CVE-2021-36224 CRITICAL

Western Digital My Cloud <OS5 - Info Disclosure

CVE-2021-40342 HIGH

Hitachienergy FOXMAN-UN and UNEM - Use of Default Encryption Key

CVE-2021-35252 HIGH

Serv-U FTP Server - Info Disclosure

CVE-2021-34577 MEDIUM

Kaden PICOFLUX AiR Firmware - Unauthenticated Wireless M-Bus Mode 5 Data Exposure via Hardcoded Shared Key

CVE-2021-4228 MEDIUM

Lanner Inc IAC-AST2500A <1.00.0 - Info Disclosure

CVE-2021-44720 HIGH

Ivanti Pulse Connect Secure < 9.1R12 - Unauthenticated Privilege Escalation via Hard-coded Credentials in Targets.cgi

CVE-2021-22644 HIGH

Ovarro TBox TWinSoft - Info Disclosure

Previous Page 36 of 69 Next

Details

Vulnerabilities 1,719

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy