CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,719 vulnerabilities with CWE-798
CVE-2021-37555 CRITICAL
TX9 Automatic Food Dispenser Firmware - Use of Hard-coded Credentials
CVSS 9.8
CVE-2021-31579 HIGH
Akkadianlabs Ova Appliance < 3.0 - Hard-coded Credentials
CVSS 8.2
CVE-2021-22730 CRITICAL
Schneider-electric Evlink City Evc1s22p4 Firmware < r8_v3.4.0.1 - Hard-coded Credentials
CVSS 9.8
CVE-2021-22707 CRITICAL
Schneider-electric Evlink City Evc1s22p4 Firmware < r8_v3.4.0.1 - Hard-coded Credentials
CVSS 9.8
CVE-2021-36799 HIGH
KNX ETS5 < 5.7.6 - Use of Hard-coded Credentials
CVSS 8.8
CVE-2021-35961 CRITICAL
Dr. ID Door Access Control and Personnel Attendance Management < 3.4.0.0.3.12_20210525 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2021-21820 CRITICAL
D-LINK DIR-3040 1.13B03 - Use of Hard-coded Credentials in Libcli Test Environment
CVSS 9.8
CVE-2021-21818 HIGH
D-LINK DIR-3040 1.13B03 - Denial of Service via Zebra IP Routing Manager
CVSS 7.5
CVE-2021-0279 HIGH
Juniper Networks Contrail Cloud <13.6.0 - DoS
CVSS 8.6
CVE-2021-20537 MEDIUM
IBM Security Verify Access Docker 10.0.0 - Info Disclosure
CVSS 6.5
CVE-2021-34688 LOW
iDrive RemotePC < 7.6.48 - Information Disclosure via Hard-coded Encryption Key
CVSS 3.3
CVE-2021-20748 HIGH
Retty App <4.8.13-4.11.14 - Info Disclosure
CVSS 7.5
CVE-2021-1576 HIGH
Cisco Business Process Automation < 3.1 - Authenticated Privilege Escalation via Improper Authorization
CVSS 8.8
CVE-2021-1574 HIGH
Cisco Business Process Automation < 3.1 - Authenticated Privilege Escalation via Improper Authorization Enforcement
CVSS 8.8
CVE-2021-33220 HIGH
CommScope Ruckus IoT Controller <1.7.1.0 - Info Disclosure
CVSS 7.8
CVE-2021-33219 CRITICAL
CommScope Ruckus IoT Controller <1.7.1.0 - Info Disclosure
CVSS 9.8
CVE-2021-33218 CRITICAL
CommScope Ruckus IoT Controller <1.7.1.0 - Privilege Escalation
CVSS 9.8
CVE-2021-32535 CRITICAL
QSAN SANOS < 2.1.0 - Unauthenticated Use of Hard-coded Credentials
CVSS 9.8
CVE-2021-32525 CRITICAL
QSAN Storage Manager < 3.3.1 - Use of Hard-coded Password
CVSS 9.1
CVE-2021-32521 HIGH
QSAN Storage Manager, XEVO, SANOS - Privilege Escalation
CVSS 7.3
CVE-2021-32520 CRITICAL
QSAN Storage Manager - Info Disclosure
CVSS 9.8
CVE-2021-24005 MEDIUM
FortiAuthenticator < 6.3.0 - Hard-coded Cryptographic Key Exposure
CVSS 4.0
CVE-2021-31505 MEDIUM
Arlo Q Plus 1.9.0.3_278 - Unauthenticated Privilege Escalation via SSH Hard-coded Credentials
CVSS 6.8
CVE-2021-33540 HIGH
Phoenix Contact AXL F BK/IL BK - Info Disclosure
CVSS 7.3
CVE-2021-33531 HIGH
Weidmueller Industrial WLAN - Command Injection
CVSS 8.8