Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-14728

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-03 Jun, 2019 | 18:47
Updated At-05 Aug, 2024 | 19:34
Rejected At-
Credits

An authentication bypass was found in an unknown area of the SiteOmat source code. All SiteOmat BOS versions are affected, prior to the submission of this exploit. Also, the SiteOmat does not force administrators to switch passwords, leaving SSH and HTTP remote authentication open to public.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:03 Jun, 2019 | 18:47
Updated At:05 Aug, 2024 | 19:34
Rejected At:
▼CVE Numbering Authority (CNA)

An authentication bypass was found in an unknown area of the SiteOmat source code. All SiteOmat BOS versions are affected, prior to the submission of this exploit. Also, the SiteOmat does not force administrators to switch passwords, leaving SSH and HTTP remote authentication open to public.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.orpak.com/allproducts/siteomat-station-controller-sw/
x_refsource_MISC
https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01
x_refsource_MISC
http://www.securityfocus.com/bid/108167
vdb-entry
x_refsource_BID
Hyperlink: http://www.orpak.com/allproducts/siteomat-station-controller-sw/
Resource:
x_refsource_MISC
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/bid/108167
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.orpak.com/allproducts/siteomat-station-controller-sw/
x_refsource_MISC
x_transferred
https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01
x_refsource_MISC
x_transferred
http://www.securityfocus.com/bid/108167
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.orpak.com/allproducts/siteomat-station-controller-sw/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/bid/108167
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:03 Jun, 2019 | 19:29
Updated At:04 Jun, 2019 | 19:46

An authentication bypass was found in an unknown area of the SiteOmat source code. All SiteOmat BOS versions are affected, prior to the submission of this exploit. Also, the SiteOmat does not force administrators to switch passwords, leaving SSH and HTTP remote authentication open to public.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

orpak
orpak
>>siteomat>>Versions before 6.4.414.084(exclusive)
cpe:2.3:a:orpak:siteomat:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-798Primarynvd@nist.gov
CWE ID: CWE-798
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://www.orpak.com/allproducts/siteomat-station-controller-sw/cve@mitre.org
Product
Vendor Advisory
http://www.securityfocus.com/bid/108167cve@mitre.org
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01cve@mitre.org
US Government Resource
Third Party Advisory
Hyperlink: http://www.orpak.com/allproducts/siteomat-station-controller-sw/
Source: cve@mitre.org
Resource:
Product
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/108167
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01
Source: cve@mitre.org
Resource:
US Government Resource
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

339Records found

CVE-2019-10479
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.95% / 85.94%
||
7 Day CHG~0.00%
Published-05 Apr, 2019 | 18:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded username and password were identified that allow a remote attacker to gain admin access to the Front Circle Controller web interface.

Action-Not Available
Vendor-glory-globaln/a
Product-rbw-100_firmwarerbw-100n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-10694
Matching Score-4
Assigner-Perforce
ShareView Details
Matching Score-4
Assigner-Perforce
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.07%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 23:02
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The express install, which is the suggested way to install Puppet Enterprise, gives the user a URL at the end of the install to set the admin password. If they do not use that URL, there is an overlooked default password for the admin user. This was resolved in Puppet Enterprise 2019.0.3 and 2018.1.9.

Action-Not Available
Vendor-n/aPerforce Software, Inc. ("Puppet")
Product-puppet_enterprisePuppet Enterprise
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-21979
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-7.3||HIGH
EPSS-0.17% / 39.09%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 16:15
Updated-03 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APP_KEY is fixed under certain conditions. This value is crucial for the security of the application and must be randomly generated per Laravel installation. If your application's encryption key is in the hands of a malicious party, that party could craft cookie values using the encryption key and exploit vulnerabilities inherent to PHP object serialization / unserialization, such as calling arbitrary class methods within your application.

Action-Not Available
Vendor-bitnamin/a
Product-containersBitnami Containers
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-10712
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 75.88%
||
7 Day CHG~0.00%
Published-07 May, 2019 | 21:20
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.

Action-Not Available
Vendor-wagon/a
Product-750-829_firmware750-330_firmware750-330750-885750-873_firmware750-830_firmware750-352_firmware750-880_firmware750-889_firmware750-884_firmware750-872750-849750-830750-871_firmware750-352750-881_firmware750-885_firmware750-829750-831750-873750-881750-831_firmware750-880750-882_firmware750-882750-849_firmware750-872_firmware750-852_firmware750-852750-889750-884750-871n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-10979
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.63% / 81.14%
||
7 Day CHG~0.00%
Published-01 Jul, 2019 | 20:05
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password.

Action-Not Available
Vendor-SICK AG
Product-msc800msc800_firmwareMSC800
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-9254
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.64%
||
7 Day CHG~0.00%
Published-20 Feb, 2018 | 06:00
Updated-16 Sep, 2024 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Datto ALTO and SIRIS devices have a default VNC password.

Action-Not Available
Vendor-datton/a
Product-alto_3_firmwarealto_imagedalto_xl_firmwaresiris_3_firmwaresiris_virtualsiris_3siris_3_x_all-flashsiris_2siris_3_x_all-flash_firmwarealto_2_firmwarealto_3siris_2_firmwarealto_imaged_firmwarealto_xlsiris_virtual_firmwarealto_2n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-10011
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.63% / 69.30%
||
7 Day CHG~0.00%
Published-25 Mar, 2019 | 18:07
Updated-04 Aug, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02-06 allows remote attackers to create an arbitrary number of accounts with a password of 1234.

Action-Not Available
Vendor-jenzabarn/a
Product-internet_campus_solutionn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-8856
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 66.19%
||
7 Day CHG-0.10%
Published-26 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 01:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data.

Action-Not Available
Vendor-Philips
Product-e-alert_firmwaree-Alert Unit (non-medical device)
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2009-5154
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.80% / 73.03%
||
7 Day CHG~0.00%
Published-09 Feb, 2019 | 22:00
Updated-07 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.

Action-Not Available
Vendor-mobotixn/a
Product-s14_firmwares14n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-7800
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-1.17% / 77.84%
||
7 Day CHG~0.00%
Published-24 Dec, 2018 | 16:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could enable an attacker to gain access to the device.

Action-Not Available
Vendor-
Product-evlink_parkingevlink_parking_firmwareEVLink Parking v3.2.0-12_v1 and earlier
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-3408
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.8||CRITICAL
EPSS-77.81% / 98.96%
||
7 Day CHG~0.00%
Published-06 Jun, 2024 | 18:54
Updated-03 Nov, 2024 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass and RCE in man-group/dtale

man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code execution (RCE) due to improper input validation. The vulnerability arises from a hardcoded `SECRET_KEY` in the flask configuration, allowing attackers to forge a session cookie if authentication is enabled. Additionally, the application fails to properly restrict custom filter queries, enabling attackers to execute arbitrary code on the server by bypassing the restriction on the `/update-settings` endpoint, even when `enable_custom_filters` is not enabled. This vulnerability allows attackers to bypass authentication mechanisms and execute remote code on the server.

Action-Not Available
Vendor-manman-groupman-group
Product-d-taleman-group/dtaledtale
CWE ID-CWE-798
Use of Hard-coded Credentials
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-21820
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-2.00% / 82.94%
||
7 Day CHG~0.00%
Published-16 Jul, 2021 | 10:24
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-3040_firmwaredir-3040D-Link
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-6825
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.99% / 75.97%
||
7 Day CHG-0.05%
Published-09 Feb, 2018 | 15:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a hardcoded vobot account that has root access.

Action-Not Available
Vendor-omninovan/a
Product-vobot_firmwarevobotn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-9112
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.20%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 03:00
Updated-05 Aug, 2024 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies.

Action-Not Available
Vendor-foxconnn/a
Product-ap-fc4064-t_firmwareap-fc4064-tn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-0022
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-10||CRITICAL
EPSS-0.41% / 60.37%
||
7 Day CHG~0.00%
Published-15 Jan, 2019 | 21:00
Updated-16 Sep, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Juniper ATP: Two hard coded credentials sharing the same password give an attacker the ability to take control of any installation of the software.

Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-atp700atp400advanced_threat_preventionJuniper ATP
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-9161
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-69.16% / 98.58%
||
7 Day CHG~0.00%
Published-31 Mar, 2018 | 22:00
Updated-16 Sep, 2024 | 23:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded prisma password for the prismaweb account by reading user/scripts/login_par.js.

Action-Not Available
Vendor-prismaindustrialen/a
Product-checkweigher_prismawebn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-0020
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-10||CRITICAL
EPSS-0.41% / 60.37%
||
7 Day CHG~0.00%
Published-15 Jan, 2019 | 21:00
Updated-16 Sep, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Juniper ATP: Hard coded credentials used in Web Collector

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-atp700atp400advanced_threat_preventionJuniper ATP
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-7246
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-33.10% / 96.75%
||
7 Day CHG~0.00%
Published-24 Apr, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dvg-n5402sp_firmwaredvg-n5402spn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-6401
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.20%
||
7 Day CHG~0.00%
Published-02 May, 2018 | 07:00
Updated-05 Aug, 2024 | 06:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an undocumented admin account with a blank password.

Action-Not Available
Vendor-merossn/a
Product-mss110mss110_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-6387
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.99% / 75.97%
||
7 Day CHG~0.00%
Published-29 Jan, 2018 | 18:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.

Action-Not Available
Vendor-iballn/a
Product-ib-wra150n_firmwareib-wra150nn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-7229
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 66.58%
||
7 Day CHG~0.00%
Published-09 Mar, 2018 | 23:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and gain administrator privileges because the use of hardcoded credentials.

Action-Not Available
Vendor-
Product-imp519-1er_firmwareibp319-1erimp319-1erimps110-1eibp519-1er_firmwareimp1110-1er_firmwareimps110-1eribp1110-1erimp519-1_firmwareimp519-1ibps110-1er_firmwareimp219-1_firmwareimp319-1_firmwareimps110-1er_firmwareimp219-1erimp319-1mps110-1ibp319-1er_firmwareimp319-1er_firmwareimps110-1e_firmwareimp219-1e_firmwareimp219-1eibp219-1erimp1110-1e_firmwareimp1110-1_firmwareimp519-1eimp319-1e_firmwareimp1110-1erimp219-1ibp219-1er_firmwareimp519-1erimp1110-1eimp319-1eibp1110-1er_firmwareibps110-1erimp219-1er_firmwareimp519-1e_firmwareimp1110-1ibp519-1ermps110-1_firmwarePelco Sarix Professional
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-7047
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.99% / 86.02%
||
7 Day CHG~0.00%
Published-01 Mar, 2018 | 20:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well).

Action-Not Available
Vendor-wowzan/a
Product-streaming_enginen/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-3272
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.8||CRITICAL
EPSS-94.15% / 99.91%
||
7 Day CHG~0.00%
Published-04 Apr, 2024 | 01:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-05-02||This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.
D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.

Action-Not Available
Vendor-D-Link Corporation
Product-dns-340ldnr-202ldns-320lw_firmwaredns-327ldns-1200-05dns-321_firmwaredns-325dns-120dns-343dns-320l_firmwaredns-320dnr-326dns-726-4dns-120_firmwaredns-326_firmwaredns-315ldnr-322ldns-326dns-1200-05_firmwaredns-1100-4_firmwarednr-326_firmwaredns-343_firmwaredns-345_firmwarednr-202l_firmwaredns-1550-04dns-323_firmwaredns-320_firmwaredns-320lwdns-315l_firmwaredns-320ldns-323dns-1100-4dnr-322l_firmwaredns-325_firmwaredns-345dns-1550-04_firmwaredns-726-4_firmwaredns-340l_firmwaredns-321dns-327l_firmwareDNS-325DNS-340LDNS-320LDNS-327Ldns-320l_firmwaredns-325_firmwaredns-340l_firmwaredns-327l_firmwareMultiple NAS Devices
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-6446
Matching Score-4
Assigner-Brocade Communications Systems, LLC
ShareView Details
Matching Score-4
Assigner-Brocade Communications Systems, LLC
CVSS Score-9.8||CRITICAL
EPSS-0.85% / 73.97%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 17:43
Updated-05 Aug, 2024 | 06:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-brocade_network_advisorBrocade Network Advisor
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-6213
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.10% / 86.29%
||
7 Day CHG~0.00%
Published-20 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 05:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-620dir-620_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-3953
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 47.91%
||
7 Day CHG~0.00%
Published-25 Mar, 2019 | 16:02
Updated-06 Aug, 2024 | 06:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue.

Action-Not Available
Vendor-pifzerHospira
Product-plum_a\+3_infusion_system_firmwareplum_a\+_infusion_system_firmwareplum_a\+_infusion_systemsymbiq_infusion_system_firmwareplum_a\+3_infusion_systemsymbiq_infusion_systemSymbiq Infusion SystemPlum A+ Infusion SystemPlum A+3 Infusion System
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-21913
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-0.69% / 70.87%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 14:48
Updated-03 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network request can lead to command execution. An attacker can connect to the MQTT service to trigger this vulnerability.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-3040_firmwaredir-3040D-Link
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-35866
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.31%
||
7 Day CHG~0.00%
Published-03 Aug, 2022 | 00:00
Updated-20 Nov, 2024 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MySQL server. The server uses a hard-coded password for the administrator user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-17139.

Action-Not Available
Vendor-vinchinVinchin
Product-vinchin_backup_and_recoveryBackup and Recovery
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-5399
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.4||CRITICAL
EPSS-0.21% / 42.84%
||
7 Day CHG~0.00%
Published-08 Oct, 2018 | 15:00
Updated-17 Sep, 2024 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running and is configured with a hard-coded credentials

The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. The server is configured to use password only authentication not cryptographic keys, however the firmware image contains an RSA host-key for the server. An attacker can exploit this vulnerability to gain root access to the Angstrom Linux operating system and modify any binaries or configuration files in the firmware. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.

Action-Not Available
Vendor-auto-maskinAuto-Maskin
Product-dcu-210erp-210e_firmwarerp-210edcu-210e_firmwareDCU-210ERP-210E
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-5723
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-38.03% / 97.11%
||
7 Day CHG~0.00%
Published-16 Jan, 2018 | 22:00
Updated-05 Aug, 2024 | 05:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account.

Action-Not Available
Vendor-barnin/a
Product-master_ip_camera01_firmwaremaster_ip_camera01n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-29061
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 58.45%
||
7 Day CHG~0.00%
Published-24 Nov, 2020 | 20:58
Updated-04 Aug, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. There is a default root126 password for the root account.

Action-Not Available
Vendor-n/aC-DATA Technologies Co., Ltd.
Product-fd1216s-r197168p_firmwarefd1208s-r2fd1204s-r2_firmwarefd1616gsfd1002s9016afd1104fd1204sn-r2fd1616sn_firmwarefd1104sfd1204sn_firmwarefd1608gs97168pfd1002s_firmware97084p92416a_firmware9016a_firmwarefd1616gs_firmware97028p9288_firmwarefd1608gs_firmwarefd1104sn_firmwarefd1608sn_firmwarefd1608sn9008a_firmwarefd1204sn-r2_firmwarefd1104b_firmware72408a97028p_firmwarefd1104bfd1204snfd8000_firmware92408afd1104s_firmware97042p_firmware92416afd1104snfd1204s-r297024p97016_firmware928897024p_firmware97084p_firmwarefd1104_firmwarefd1208s-r2_firmwarefd80009008afd1108s72408a_firmware97042pfd1216s-r1_firmware92408a_firmwarefd1108s_firmwarefd1616sn97016n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-4667
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-24.01% / 95.82%
||
7 Day CHG~0.00%
Published-25 Sep, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple hardcoded credentials in Xsuite 2.x.

Action-Not Available
Vendor-n/aXceedium (Broadcom Inc.)
Product-xsuiten/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-4846
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 52.76%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 18:00
Updated-17 Sep, 2024 | 01:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). A factory account with hardcoded password might allow attackers access to the device over port 5900/tcp. Successful exploitation requires no user interaction or privileges and impacts the confidentiality, integrity, and availability of the affected device. At the time of advisory publication, no public exploitation of this security vulnerability is known. Siemens Healthineers confirms the security vulnerability and provides mitigations to resolve the security issue.

Action-Not Available
Vendor-Siemens AG
Product-rapidlab_1200_firmwarerapidpoint_500_firmwarerapidpoint_500rapidpoint_400_firmwarerapidlab_1200rapidpoint_400RAPIDLab 1200 systems RAPIDPoint 400 systems RAPIDPoint 500 systems RAPIDLab 1200 Series RAPIDPoint 500 systems RAPIDPoint 500 systems RAPIDPoint 500 systems RAPIDPoint 400 systems
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-2887
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 51.36%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 03:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iBaby M3S has a password of admin for the backdoor admin account.

Action-Not Available
Vendor-ibabyn/a
Product-m3s_baby_monitorm3s_baby_monitor_firmwareiBaby M3S
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-29889
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 51.85%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:33
Updated-15 Apr, 2025 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. Use of a hard-coded root password can lead to arbitrary command execution. An attacker can authenticate with hard-coded credentials to trigger this vulnerability.

Action-Not Available
Vendor-goabodeabode systems, inc.
Product-iota_all-in-one_security_kitiota_all-in-one_security_kit_firmwareiota All-In-One Security Kit
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-20955
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.04% / 76.60%
||
7 Day CHG~0.00%
Published-08 Aug, 2019 | 20:10
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31.

Action-Not Available
Vendor-swannn/a
Product-swwhd-intcam-hd_firmwareswwhd-intcam-hdn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-21137
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.27% / 50.38%
||
7 Day CHG~0.00%
Published-23 Apr, 2020 | 20:05
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by a hardcoded password. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d3600d3600_firmwared6000_firmwared6000n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-7241
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 67.96%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 20:00
Updated-05 Aug, 2024 | 06:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.

Action-Not Available
Vendor-
Product-140cpu65160ctsxp573634mmodicon_m340_bmxp3420302h_firmware140cpu65160_firmwaretsxh5744m_firmwaremodicon_m340_bmxp342020h_firmwaretsxh5744m140cpu65160s_firmwaretsxp571634mcmodicon_m340_bmxp3420102cltsxp574634m_firmwaremodicon_m340_bmxp3420302_firmwaretsxp575634mtsxh5724mc_firmwaretsxp57304mc140cpu65860tsxp575634mc140cpu65160modicon_m340_bmxp3420302cl_firmwaretsxh5744mc_firmwaretsxp573634mc_firmwaremodicon_m340_bmxp342020_firmwaretsxp57454m_firmwaretsxp57254m_firmwaremodicon_m340_bmxp3420102_firmwaretsxp572634mtsxp57554mc_firmwaretsxp574634mtsxh5724mtsxp57304m_firmwaretsxp571634mc_firmwaretsxp57454mcmodicon_m340_bmxp341000h140cpu65160sbmxnor0200_firmwaremodicon_m340_bmxp3420302clbmxnor0200htsxp574634mc_firmwaretsxp57154mctsxp57154m_firmwaretsxp57154mtsxp576634mtsxh5744mctsxp57204mcmodicon_m340_bmxp342020140cpu31110modicon_m340_bmxp342020htsxp57354mc_firmwaretsxp57104m140cpu65150c_firmwaretsxp57354m140cpu65150_firmwaremodicon_m340_bmxp342000_firmware140cpu65860cbmxnor0200h_firmwaretsxp57204m_firmwaretsxp57204m140cpu65260tsxp571634m_firmwaretsxp573634mc140cpu43412uc140cpu65150tsxp571634mtsxp57304mc_firmware140cpu65860_firmwarebmxnor0200modicon_m340_bmxp341000h_firmware140cpu65260ctsxp57354mc140cpu65150c140cpu43412u_firmwaretsxh5724m_firmwaremodicon_m340_bmxp342000tsxp575634m_firmwaretsxp573634m_firmwaretsxp57204mc_firmwaretsxp57104mc_firmwaremodicon_m340_bmxp341000tsxh5724mc140cpu65260c_firmwaretsxp57254mc_firmware140cpu31110_firmware140cpu31110ctsxp57304mtsxp576634mcmodicon_m340_bmxp3420302htsxp574634mcmodicon_m340_bmxp3420102cl_firmwaretsxp572634mc_firmwaretsxp57454mc_firmwaretsxp576634mc_firmwaretsxp57554mctsxp575634mc_firmware140cpu65160c_firmwaretsxp576634m_firmware140cpu65260_firmwaremodicon_m340_bmxp3420302140cpu43412uc_firmwaretsxp57454mtsxp572634mcmodicon_m340_bmxp341000_firmwaretsxp57254mtsxp57104m_firmwaretsxp572634m_firmwaretsxp57554mtsxp57254mctsxp57354m_firmwaretsxp57104mctsxp57554m_firmwaremodicon_m340_bmxp3420102140cpu31110c_firmware140cpu43412utsxp57154mc_firmware140cpu65860c_firmwareModicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-5768
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.35% / 84.28%
||
7 Day CHG~0.00%
Published-20 Mar, 2018 | 19:00
Updated-05 Aug, 2024 | 05:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac15_firmwareac15n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-19063
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.22% / 78.30%
||
7 Day CHG~0.00%
Published-07 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 11:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password.

Action-Not Available
Vendor-opticamfoscamn/a
Product-i5_system_firmwarei5_application_firmwarec2i5c2_system_firmwarec2_application_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-1944
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.03% / 8.23%
||
7 Day CHG~0.00%
Published-21 Feb, 2019 | 17:00
Updated-17 Sep, 2024 | 03:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 153386.

Action-Not Available
Vendor-IBM Corporation
Product-security_identity_governance_and_intelligenceSecurity Identity Governance and Intelligence
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-19067
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.22% / 78.30%
||
7 Day CHG~0.00%
Published-07 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 11:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account.

Action-Not Available
Vendor-opticamfoscamn/a
Product-i5_system_firmwarei5_application_firmwarec2i5c2_system_firmwarec2_application_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-18998
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.72% / 71.59%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 18:00
Updated-16 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.

Action-Not Available
Vendor-lcdsICS-CERT
Product-laquis_scadaLCDS Laquis SCADA
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-19069
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.22% / 78.30%
||
7 Day CHG~0.00%
Published-07 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 11:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user with a password of toor.

Action-Not Available
Vendor-opticamfoscamn/a
Product-i5_system_firmwarei5_application_firmwarec2i5c2_system_firmwarec2_application_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-2867
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-2.88% / 85.79%
||
7 Day CHG~0.00%
Published-06 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system.

Action-Not Available
Vendor-traneTrane
Product-comfortlink_ii_firmwareComfortLink II SCC firmware
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-2881
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.80% / 73.04%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 03:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account.

Action-Not Available
Vendor-gynoiin/a
Product-gcw-1020gcw-1010gpw-1025Gynoii
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-18008
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.13% / 77.42%
||
7 Day CHG~0.00%
Published-21 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dwr-555_firmwaredsl-2770ldwr-555dir-640l_firmwaredir-640ldwr-116dwr-512dir-140ldwr-921_firmwaredwr-116_firmwaredwr-512_firmwaredir-140l_firmwaredwr-921dsl-2770l_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-2882
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.99% / 75.97%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 03:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a password of M100-4674448 for the backdoor admin account.

Action-Not Available
Vendor-n/aPhilips
Product-in.sight_b120\\37Philips In.Sight B120/37
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-2885
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 51.36%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 03:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.

Action-Not Available
Vendor-lens_laboratoriesn/a
Product-peek-a-view_firmwarepeek-a-viewLens Peek-a-View
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-18006
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.49% / 84.73%
||
7 Day CHG~0.00%
Published-14 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files.

Action-Not Available
Vendor-n/aRicoh Company, Ltd.
Product-myprintn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found