Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-798

CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,712 vulnerabilities with CWE-798

CVE-2025-63433 MEDIUM

Xtooltech Xtool AnyScan <4.40.40 - Code Injection

CVE-2025-59669 MEDIUM

FortiWeb 7.0.0-7.6.0 - Authenticated Use of Hard-coded Credentials in Redis Service

CVE-2025-64766 MEDIUM

NixOS's Onlyoffice <25.05 - Info Disclosure

CVE-2025-13252 HIGH

shsuishang ShopSuite ModulithShop <45a99398cec3b7ad7ff9383694f0b533...

CVE-2025-33186 HIGH

NVIDIA AIStore - Privilege Escalation/Info Disclosure/Data Tampering

CVE-2025-42890 CRITICAL

SAP SQL Anywhere Monitor (Non-GUI) - Use of Hard-coded Credentials

CVE-2025-34501 HIGH

Deck Mate 2 < all known versions prior to 2025-10-23 - Use of Hard-coded Credentials

CVE-2025-62777 HIGH

PLANEX MZK-DP300N <= 1.07 - Unauthenticated Remote Code Execution via Telnet Hard-Coded Credentials

CVE-2025-41109 MEDIUM

Ghost Robotics Vision 60 v0.27.2 - Unauthenticated Network Access via Physical Ports

CVE-2025-41722 HIGH

Sauter modulo 6 and EY-modulo 5 - Use of Hard-coded Credentials in wsc Server

CVE-2025-10639 HIGH

WorkExaminer Professional <= 4.0.0.52001 - Use of Hard-coded Credentials in FTP Server

CVE-2025-6950 CRITICAL

Moxa EDR-G9010/EDR-8010/EDF-G1002-BP/TN-4900/NAT-102/NAT-108/OnCell G4302-LTE4 - Auth Bypass via Hard-coded JWT Secret

CVE-2025-60639 MEDIUM

gsigel14 ATLAS-EPIC - Info Disclosure

CVE-2025-10850 CRITICAL

Felan Framework <1.1.4 - Auth Bypass

CVE-2025-56749 CRITICAL

Creativeitem Academy LMS <= 6.14 - Authentication Bypass via Hardcoded JWT Secret

CVE-2025-36087 HIGH

IBM Security Verify Access 10.0.0-10.0.9 and 11.0.0 - Use of Hard-coded Credentials

CVE-2025-11643 LOW

Tomofun Furbo - Hard-coded Credentials

CVE-2025-61926 MEDIUM

Allstar < 4.5 - Insecure Default Variable Initialization in Reviewbot Webhook Secret

CVE-2025-10609 MEDIUM

Logo Software Inc. TigerWings ERP <3.03.00 - Info Disclosure

CVE-2025-0642 MEDIUM

PosCube Hardware Software and Consulting Ltd. Co. Assist <10.02.202...

CVE-2025-34223 CRITICAL

Vasion Print Virtual Appliance Host < 22.0.1049 and Application < 20.0.2786 - Unauthenticated Admin Credential Overwrite

CVE-2025-34209 HIGH

Vasion Print Virtual Appliance Host < 22.0.862 and Application < 20.0.2014 - Hardcoded GPG Private Key Exposure

CVE-2025-34196 CRITICAL

Vasion Virtual Appliance Application < 25.1.1413 - Insufficiently Protected Credentials

CVE-2025-11126 CRITICAL

Apeman ID71 218.53.203.117 - Use of Hard-coded Password in system.ini

CVE-2025-58385 HIGH

DOXENSE WATCHDOC <6.1.0.5094 - Info Disclosure

Previous Page 7 of 69 Next

Details

Vulnerabilities 1,712

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy