CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,712 vulnerabilities with CWE-798
CVE-2025-55262 HIGH
HCL Aftermarket DPC is affected by SQL Injection
CVSS 8.3
CVE-2025-12708 MEDIUM
IBM Concert 1.0.0-2.2.0 - Hard-Coded Credentials
CVSS 6.2
CVE-2025-15605 HIGH
Hardcoded Cryptographic Key in Configuration Encryption Mechanism on TP-Link Archer NX200, NX210, NX500 and NX600
CVSS 7.3
CVE-2025-41710 MEDIUM
FTP Server - Auth Bypass
CVSS 6.5
CVE-2025-13957 HIGH
SOCKS Proxy - Info Disclosure & RCE
CVE-2025-14923 MEDIUM
IBM WebSphere Liberty 17.0.0.3-26.0.0.2 - Auth Bypass
CVSS 4.7
CVE-2025-1242 CRITICAL
Gardyn Home Kit - Use of Hard-coded Credentials
CVSS 9.1
CVE-2025-13776 HIGH
Finka products - Use of Hard-coded Credentials
CVSS 7.1
CVE-2025-67304 CRITICAL
Ruckus Network Director <4.5.0.54 - Auth Bypass
CVSS 9.8
CVE-2025-33089 MEDIUM
IBM Concert 1.0.0-2.1.0 - Auth Bypass
CVSS 6.5
CVE-2025-69971 CRITICAL
FUXA < 1.3.0 - Hard-coded JWT Secret Key
CVSS 9.8
CVE-2025-40537 HIGH
SolarWinds Web Help Desk < 2026.1 - Use of Hard-coded Credentials
CVSS 7.5
CVE-2025-59107 HIGH
Dormakaba FWServiceTool - Info Disclosure
CVE-2025-59096 MEDIUM
Kaba exos 9300 - Use of Hard-coded Credentials in U9ExosAdmin.exe
CVE-2025-59095 MEDIUM
Kaba exos 9300 - Use of Hard-coded Credentials in Kaba.EXOS.common.dll
CVE-2025-59092 HIGH
Kaba exos 9300 < 4.4.0 - Unauthenticated Use of Hard-coded Credentials in RPC Service
CVE-2025-59091 CRITICAL
Kaba exos 9300 < 4.4.1 - Use of Hard-coded Credentials in Datapoint Server
CVE-2025-58744 HIGH
Milner ImageDirector Capture <7.6.3.25808 - Default Credentials
CVSS 7.5
CVE-2025-14115 HIGH
IBM Sterling Connect:Direct for UNIX Container - Info Disclosure
CVSS 8.4
CVE-2025-69426 CRITICAL
Ruckus vRIoT IoT Controller <3.0.0.0 - Privilege Escalation
CVE-2025-69425 CRITICAL
Ruckus vRIoT IoT Controller <3.0.0.0 - Command Injection
CVE-2025-7072 CRITICAL
KAON CG3000TC/CG3000T - Command Injection
CVE-2025-15371 HIGH
Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G, TEG5328F - Hard-Coded Credentials in Shadow File
CVSS 7.8
CVE-2025-68926 CRITICAL
RustFS <1.0.0-alpha.78 - Auth Bypass
CVSS 9.8
CVE-2025-15107 LOW
Actiontech SQLE <=4.2511.0 - Use of Hard-coded Cryptographic Key
CVSS 3.7
Details
Vulnerabilities 1,712
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits