CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,719 vulnerabilities with CWE-798
CVE-2021-43052 CRITICAL
TIBCO FTL < 6.7.2 - Authentication Bypass via Hard-coded Realm Server Secret
CVSS 9.3
CVE-2021-45033 HIGH
Siemens CP-8000 and CP-8022 Master Modules < 16.20 - Hard-coded Credentials in Debug Port
CVSS 8.8
CVE-2021-45458 HIGH
Apache Kylin <2.6.6, <3.1.2 - Info Disclosure
CVSS 7.5
CVE-2021-45913 HIGH
ControlUp Real-Time Agent <8.2.5 - Command Injection
CVSS 7.2
CVE-2021-45732 HIGH
Netgear Nighthawk R6700 <1.0.4.120 - Info Disclosure
CVSS 8.8
CVE-2021-20170 HIGH
Netgear RAX43 1.0.3.96 - Use of Hard-coded Credentials in Configuration Backup
CVSS 8.8
CVE-2021-20155 CRITICAL
Trendnet TEW-827DRU 2.08B01 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2021-20132 HIGH
D-Link DIR-2640-US Firmware <= 1.11b02 - Use of Hard-coded Credentials in Quagga Services
CVSS 8.8
CVE-2021-35232 MEDIUM
SolarWinds Web Help Desk - Info Disclosure
CVSS 6.8
CVE-2021-32993 HIGH
Philips IntelliBridge EC40 and EC80 Firmware < c.00.04 - Use of Hard-coded Credentials
CVSS 8.1
CVE-2021-45522 MEDIUM
NETGEAR XR1000 Firmware < 1.0.0.58 - Use of Hard-coded Credentials
CVSS 6.1
CVE-2021-45521 HIGH
NETGEAR RBK352/RBR350/RBS350 < 4.4.0.10 - Use of Hard-coded Credentials
CVSS 7.4
CVE-2021-45520 CRITICAL
NETGEAR RBK352/RBR350/RBS350 < 4.4.0.10 - Use of Hard-coded Credentials
CVSS 9.6
CVE-2021-44207 HIGH KEV
Acclaim USAHERDS <= 7.4.0.1 - Use of Hard-coded Credentials
CVSS 8.1
CVE-2021-41028 HIGH
FortiClientEMS <7.0.1-6.4.6 - Man-in-the-Middle
CVSS 8.2
CVE-2021-26108 HIGH
FortiOS < 5.6.13 - Use of Hard-coded Cryptographic Key in SSLVPN
CVSS 7.5
CVE-2021-43044 CRITICAL
Kaseya Unitrends Backup <10.5.5 - Info Disclosure
CVSS 9.8
CVE-2021-43284 HIGH
Victure WR1200 <1.0.3 - Privilege Escalation
CVSS 7.8
CVE-2021-43282 MEDIUM
Victure WR1200 <1.0.3 - Info Disclosure
CVSS 6.5
CVE-2021-26611 HIGH
HejHome GKW-IC052 Firmware - Use of Hard-coded Credentials
CVSS 8.1
CVE-2021-40519 CRITICAL
Airangel HSMX Gateway <5.2.04 - Info Disclosure
CVSS 10.0
CVE-2021-43136 CRITICAL
FormaLMS <= 2.4.4 - Authentication Bypass via Hard-coded Credentials
CVSS 9.8
CVE-2021-43575 MEDIUM
KNX ETS6 through 6.0.0 - Use of Hard-coded Credentials
CVSS 5.5
CVE-2021-40119 CRITICAL
Cisco Policy Suite - Privilege Escalation
CVSS 9.8
CVE-2021-38461 HIGH
Auvesy versiondog <= 8.0.0 - Hard-coded Encryption Key
CVSS 8.2
Details
Vulnerabilities 1,719
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits