CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,721 vulnerabilities with CWE-798
CVE-2019-3918 CRITICAL
Alcatel Lucent I-240W-Q GPON ONT 3FE54567BOZJ19 - Use of Hard-coded Credentials for Telnet and SSH
CVSS 9.8
CVE-2019-8950 CRITICAL
DASAN H665 Firmware - Use of Hard-coded Credentials in /bin/login
CVSS 9.8
CVE-2019-1688 HIGH
Cisco Network Assurance Engine 3.0(1) - Unauthenticated Use of Hard-coded Credentials
CVSS 7.1
CVE-2019-1675 HIGH
Cisco Aironet Active Sensor - Unauthenticated Denial of Service via Hard-coded Credentials
CVSS 7.5
CVE-2019-6499 HIGH
Teradata Viewpoint < 14.0 and 16.20.00.02-b80 - Use of Hard-coded Credentials
CVSS 8.1
CVE-2019-3908 HIGH
Premisys Identicard <3.1.190 - Info Disclosure
CVSS 7.5
CVE-2019-3907 HIGH
Premisys Identicard <3.1.190 - Info Disclosure
CVSS 7.5
CVE-2019-3906 HIGH
Premisys Identicard 3.1.190 - Authenticated Database Access via Hardcoded WCF Credentials
CVSS 8.8
CVE-2019-0022 CRITICAL
Juniper Advanced Threat Prevention 5.0.0-5.0.2 - Use of Hard-coded Credentials
CVSS 10.0
CVE-2019-0020 CRITICAL
Juniper Advanced Threat Prevention 5.0.0-5.0.2 - Use of Hard-coded Credentials
CVSS 10.0
CVE-2018-25138 CRITICAL
FLIR AX8 Thermal Camera 1.32.16 - Auth Bypass
CVSS 9.8
CVE-2018-25126 CRITICAL
Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 - Command Injec...
CVE-2018-17558 CRITICAL
ABUS TVIP Firmware - OS Command Injection via /cgi-bin/mft/ Directory
CVSS 9.8
CVE-2018-20432 CRITICAL
D-Link COVR-2600R and COVR-3902 Firmware < 1.01b05 - Unauthenticated Hardcoded Credentials
CVSS 9.8
CVE-2018-17771 MEDIUM
Ingenico Telium 2 - Info Disclosure
CVSS 6.6
CVE-2018-17767 MEDIUM
Ingenico Telium 2 - Info Disclosure
CVSS 6.8
CVE-2018-6446 CRITICAL
Brocade Network Advisor < 14.3.1 - Unauthenticated Remote Code Execution via Hard-coded JBoss Credentials
CVSS 9.8
CVE-2018-21137 CRITICAL
NETGEAR D3600 and D6000 < 1.0.0.76 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2018-9195 MEDIUM
FortiClient < 6.0.6 and < 6.2.1 - Use of Hard-coded Cryptographic Key in FortiGuard Services Communication
CVSS 5.9
CVE-2018-18929 HIGH
Seneca HDn Firmware < 7.0.4.104 - Use of Hard-coded Credentials in Unattend.xml
CVSS 8.8
CVE-2018-20955 CRITICAL
Swann SWWHD-INTCAM-HD - Use of Hard-coded Credentials
CVSS 9.8
CVE-2018-14528 CRITICAL
Invoxia NVX220 Firmware - Use of Hard-coded Credentials
CVSS 9.8
CVE-2018-11691 CRITICAL
Emerson DeltaV Smart Switch Command Center 11.3.x and 12.3.1 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2018-4017 HIGH
Roav A1 Dashcam Firmware RoavA1SWV1.9 - Use of Hard-coded Credentials
CVSS 8.8
CVE-2018-18979 HIGH
Ascensia Contour Diabetes < 2.5.0 - Use of Hard-coded Initialization Vector
CVSS 7.4
Details
Vulnerabilities 1,721
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits