Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-10575

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-30 Apr, 2018 | 22:00
Updated At-05 Aug, 2024 | 07:39
Rejected At-
Credits

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Hardcoded credentials exist for an unprivileged SSH account with a shell of /bin/false.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:30 Apr, 2018 | 22:00
Updated At:05 Aug, 2024 | 07:39
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Hardcoded credentials exist for an unprivileged SSH account with a shell of /bin/false.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.watchguard.com/wgrd-blog/new-firmware-available-ap100ap102ap200ap300-security-vulnerability-fixes
x_refsource_CONFIRM
http://seclists.org/fulldisclosure/2018/May/12
mailing-list
x_refsource_FULLDISC
https://www.exploit-db.com/exploits/45409/
exploit
x_refsource_EXPLOIT-DB
https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000LIy
x_refsource_CONFIRM
Hyperlink: https://www.watchguard.com/wgrd-blog/new-firmware-available-ap100ap102ap200ap300-security-vulnerability-fixes
Resource:
x_refsource_CONFIRM
Hyperlink: http://seclists.org/fulldisclosure/2018/May/12
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: https://www.exploit-db.com/exploits/45409/
Resource:
exploit
x_refsource_EXPLOIT-DB
Hyperlink: https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000LIy
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.watchguard.com/wgrd-blog/new-firmware-available-ap100ap102ap200ap300-security-vulnerability-fixes
x_refsource_CONFIRM
x_transferred
http://seclists.org/fulldisclosure/2018/May/12
mailing-list
x_refsource_FULLDISC
x_transferred
https://www.exploit-db.com/exploits/45409/
exploit
x_refsource_EXPLOIT-DB
x_transferred
https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000LIy
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.watchguard.com/wgrd-blog/new-firmware-available-ap100ap102ap200ap300-security-vulnerability-fixes
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2018/May/12
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: https://www.exploit-db.com/exploits/45409/
Resource:
exploit
x_refsource_EXPLOIT-DB
x_transferred
Hyperlink: https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000LIy
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:30 Apr, 2018 | 22:29
Updated At:16 Sep, 2018 | 10:29

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Hardcoded credentials exist for an unprivileged SSH account with a shell of /bin/false.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

WatchGuard Technologies, Inc.
watchguard
>>ap200_firmware>>Versions before 1.2.9.15(exclusive)
cpe:2.3:o:watchguard:ap200_firmware:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>ap200>>-
cpe:2.3:h:watchguard:ap200:-:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>ap102_firmware>>Versions before 1.2.9.15(exclusive)
cpe:2.3:o:watchguard:ap102_firmware:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>ap102>>-
cpe:2.3:h:watchguard:ap102:-:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>ap100_firmware>>Versions before 1.2.9.15(exclusive)
cpe:2.3:o:watchguard:ap100_firmware:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>ap100>>-
cpe:2.3:h:watchguard:ap100:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-798Primarynvd@nist.gov
CWE ID: CWE-798
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://seclists.org/fulldisclosure/2018/May/12cve@mitre.org
Mailing List
Third Party Advisory
https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000LIycve@mitre.org
Vendor Advisory
https://www.exploit-db.com/exploits/45409/cve@mitre.org
N/A
https://www.watchguard.com/wgrd-blog/new-firmware-available-ap100ap102ap200ap300-security-vulnerability-fixescve@mitre.org
Vendor Advisory
Hyperlink: http://seclists.org/fulldisclosure/2018/May/12
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000LIy
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://www.exploit-db.com/exploits/45409/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.watchguard.com/wgrd-blog/new-firmware-available-ap100ap102ap200ap300-security-vulnerability-fixes
Source: cve@mitre.org
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

341Records found

CVE-2019-0022
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-10||CRITICAL
EPSS-0.41% / 60.37%
||
7 Day CHG~0.00%
Published-15 Jan, 2019 | 21:00
Updated-16 Sep, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Juniper ATP: Two hard coded credentials sharing the same password give an attacker the ability to take control of any installation of the software.

Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-atp700atp400advanced_threat_preventionJuniper ATP
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-7800
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-1.17% / 77.84%
||
7 Day CHG~0.00%
Published-24 Dec, 2018 | 16:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could enable an attacker to gain access to the device.

Action-Not Available
Vendor-
Product-evlink_parkingevlink_parking_firmwareEVLink Parking v3.2.0-12_v1 and earlier
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-6401
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.20%
||
7 Day CHG~0.00%
Published-02 May, 2018 | 07:00
Updated-05 Aug, 2024 | 06:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an undocumented admin account with a blank password.

Action-Not Available
Vendor-merossn/a
Product-mss110mss110_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-7241
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 67.96%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 20:00
Updated-05 Aug, 2024 | 06:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.

Action-Not Available
Vendor-
Product-140cpu65160ctsxp573634mmodicon_m340_bmxp3420302h_firmware140cpu65160_firmwaretsxh5744m_firmwaremodicon_m340_bmxp342020h_firmwaretsxh5744m140cpu65160s_firmwaretsxp571634mcmodicon_m340_bmxp3420102cltsxp574634m_firmwaremodicon_m340_bmxp3420302_firmwaretsxp575634mtsxh5724mc_firmwaretsxp57304mc140cpu65860tsxp575634mc140cpu65160modicon_m340_bmxp3420302cl_firmwaretsxh5744mc_firmwaretsxp573634mc_firmwaremodicon_m340_bmxp342020_firmwaretsxp57454m_firmwaretsxp57254m_firmwaremodicon_m340_bmxp3420102_firmwaretsxp572634mtsxp57554mc_firmwaretsxp574634mtsxh5724mtsxp57304m_firmwaretsxp571634mc_firmwaretsxp57454mcmodicon_m340_bmxp341000h140cpu65160sbmxnor0200_firmwaremodicon_m340_bmxp3420302clbmxnor0200htsxp574634mc_firmwaretsxp57154mctsxp57154m_firmwaretsxp57154mtsxp576634mtsxh5744mctsxp57204mcmodicon_m340_bmxp342020140cpu31110modicon_m340_bmxp342020htsxp57354mc_firmwaretsxp57104m140cpu65150c_firmwaretsxp57354m140cpu65150_firmwaremodicon_m340_bmxp342000_firmware140cpu65860cbmxnor0200h_firmwaretsxp57204m_firmwaretsxp57204m140cpu65260tsxp571634m_firmwaretsxp573634mc140cpu43412uc140cpu65150tsxp571634mtsxp57304mc_firmware140cpu65860_firmwarebmxnor0200modicon_m340_bmxp341000h_firmware140cpu65260ctsxp57354mc140cpu65150c140cpu43412u_firmwaretsxh5724m_firmwaremodicon_m340_bmxp342000tsxp575634m_firmwaretsxp573634m_firmwaretsxp57204mc_firmwaretsxp57104mc_firmwaremodicon_m340_bmxp341000tsxh5724mc140cpu65260c_firmwaretsxp57254mc_firmware140cpu31110_firmware140cpu31110ctsxp57304mtsxp576634mcmodicon_m340_bmxp3420302htsxp574634mcmodicon_m340_bmxp3420102cl_firmwaretsxp572634mc_firmwaretsxp57454mc_firmwaretsxp576634mc_firmwaretsxp57554mctsxp575634mc_firmware140cpu65160c_firmwaretsxp576634m_firmware140cpu65260_firmwaremodicon_m340_bmxp3420302140cpu43412uc_firmwaretsxp57454mtsxp572634mcmodicon_m340_bmxp341000_firmwaretsxp57254mtsxp57104m_firmwaretsxp572634m_firmwaretsxp57554mtsxp57254mctsxp57354m_firmwaretsxp57104mctsxp57554m_firmwaremodicon_m340_bmxp3420102140cpu31110c_firmware140cpu43412utsxp57154mc_firmware140cpu65860c_firmwareModicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-5399
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.4||CRITICAL
EPSS-0.21% / 42.84%
||
7 Day CHG~0.00%
Published-08 Oct, 2018 | 15:00
Updated-17 Sep, 2024 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running and is configured with a hard-coded credentials

The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. The server is configured to use password only authentication not cryptographic keys, however the firmware image contains an RSA host-key for the server. An attacker can exploit this vulnerability to gain root access to the Angstrom Linux operating system and modify any binaries or configuration files in the firmware. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.

Action-Not Available
Vendor-auto-maskinAuto-Maskin
Product-dcu-210erp-210e_firmwarerp-210edcu-210e_firmwareDCU-210ERP-210E
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-5723
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-38.03% / 97.11%
||
7 Day CHG~0.00%
Published-16 Jan, 2018 | 22:00
Updated-05 Aug, 2024 | 05:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account.

Action-Not Available
Vendor-barnin/a
Product-master_ip_camera01_firmwaremaster_ip_camera01n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-20955
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.04% / 76.60%
||
7 Day CHG~0.00%
Published-08 Aug, 2019 | 20:10
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31.

Action-Not Available
Vendor-swannn/a
Product-swwhd-intcam-hd_firmwareswwhd-intcam-hdn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-23233
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-0.32% / 54.30%
||
7 Day CHG~0.00%
Published-21 Jan, 2022 | 18:17
Updated-16 Apr, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fresenius Kabi Agilia Connect Infusion System

Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical configuration parameters.

Action-Not Available
Vendor-fresenius-kabiFresenius Kabi
Product-link\+_agilia_firmwarevigilant_insightagilia_connect_firmwareagilia_connectvigilant_mastermedlink\+_agiliavigilant_centeriumagilia_partner_maintenance_softwareAgilia Link+
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-21913
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-0.69% / 70.87%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 14:48
Updated-03 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network request can lead to command execution. An attacker can connect to the MQTT service to trigger this vulnerability.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-3040_firmwaredir-3040D-Link
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-18473
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.00% / 91.09%
||
7 Day CHG~0.00%
Published-19 Mar, 2019 | 22:19
Updated-05 Aug, 2024 | 11:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV Series devices with firmware version 1.10 or earlier, and NBM Series devices with firmware version 1.09 or earlier allow attackers to enable an SSH daemon via the "kankichi" or "kamiyo4" password to the _secret1.htm URI. Subsequently, the default password of root for the root account allows an attacker to conduct remote code execution and as a result take over the system.

Action-Not Available
Vendor-patliten/a
Product-nhl-3fv1n_firmwarenbm-d88n_firmwarenhl-3fb1_firmwarenhl-3fv1nnbm-d88nnhl-3fb1n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-21979
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-7.3||HIGH
EPSS-0.17% / 39.09%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 16:15
Updated-03 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APP_KEY is fixed under certain conditions. This value is crucial for the security of the application and must be randomly generated per Laravel installation. If your application's encryption key is in the hands of a malicious party, that party could craft cookie values using the encryption key and exploit vulnerabilities inherent to PHP object serialization / unserialization, such as calling arbitrary class methods within your application.

Action-Not Available
Vendor-bitnamin/a
Product-containersBitnami Containers
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-19063
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.22% / 78.30%
||
7 Day CHG~0.00%
Published-07 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 11:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password.

Action-Not Available
Vendor-opticamfoscamn/a
Product-i5_system_firmwarei5_application_firmwarec2i5c2_system_firmwarec2_application_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-21820
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-2.00% / 82.94%
||
7 Day CHG~0.00%
Published-16 Jul, 2021 | 10:24
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-3040_firmwaredir-3040D-Link
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-1944
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.03% / 8.23%
||
7 Day CHG~0.00%
Published-21 Feb, 2019 | 17:00
Updated-17 Sep, 2024 | 03:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 153386.

Action-Not Available
Vendor-IBM Corporation
Product-security_identity_governance_and_intelligenceSecurity Identity Governance and Intelligence
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-19067
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.22% / 78.30%
||
7 Day CHG~0.00%
Published-07 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 11:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account.

Action-Not Available
Vendor-opticamfoscamn/a
Product-i5_system_firmwarei5_application_firmwarec2i5c2_system_firmwarec2_application_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-18998
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.72% / 71.59%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 18:00
Updated-16 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.

Action-Not Available
Vendor-lcdsICS-CERT
Product-laquis_scadaLCDS Laquis SCADA
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-19069
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.22% / 78.30%
||
7 Day CHG~0.00%
Published-07 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 11:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user with a password of toor.

Action-Not Available
Vendor-opticamfoscamn/a
Product-i5_system_firmwarei5_application_firmwarec2i5c2_system_firmwarec2_application_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-18008
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.13% / 77.42%
||
7 Day CHG~0.00%
Published-21 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dwr-555_firmwaredsl-2770ldwr-555dir-640l_firmwaredir-640ldwr-116dwr-512dir-140ldwr-921_firmwaredwr-116_firmwaredwr-512_firmwaredir-140l_firmwaredwr-921dsl-2770l_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-6825
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.99% / 75.97%
||
7 Day CHG-0.05%
Published-09 Feb, 2018 | 15:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a hardcoded vobot account that has root access.

Action-Not Available
Vendor-omninovan/a
Product-vobot_firmwarevobotn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-7229
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 66.58%
||
7 Day CHG~0.00%
Published-09 Mar, 2018 | 23:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and gain administrator privileges because the use of hardcoded credentials.

Action-Not Available
Vendor-
Product-imp519-1er_firmwareibp319-1erimp319-1erimps110-1eibp519-1er_firmwareimp1110-1er_firmwareimps110-1eribp1110-1erimp519-1_firmwareimp519-1ibps110-1er_firmwareimp219-1_firmwareimp319-1_firmwareimps110-1er_firmwareimp219-1erimp319-1mps110-1ibp319-1er_firmwareimp319-1er_firmwareimps110-1e_firmwareimp219-1e_firmwareimp219-1eibp219-1erimp1110-1e_firmwareimp1110-1_firmwareimp519-1eimp319-1e_firmwareimp1110-1erimp219-1ibp219-1er_firmwareimp519-1erimp1110-1eimp319-1eibp1110-1er_firmwareibps110-1erimp219-1er_firmwareimp519-1e_firmwareimp1110-1ibp519-1ermps110-1_firmwarePelco Sarix Professional
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-18006
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.49% / 84.73%
||
7 Day CHG~0.00%
Published-14 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files.

Action-Not Available
Vendor-n/aRicoh Company, Ltd.
Product-myprintn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-17894
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.60% / 68.63%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 14:00
Updated-17 Sep, 2024 | 04:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access.

Action-Not Available
Vendor-NUUO Inc.
Product-nuuo_cmsNUUO CMS
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-1818
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 10.89%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 16:00
Updated-16 Sep, 2024 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 150022.

Action-Not Available
Vendor-IBM Corporation
Product-security_guardiumSecurity Guardium
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2016-1560
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-81.67% / 99.14%
||
7 Day CHG~0.00%
Published-21 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session.

Action-Not Available
Vendor-exagridn/a
Product-ex7000ex21000eex13000eex40000eex21000e_firmwareex10000eex3000_firmwareex7000_firmwareex32000eex13000e_firmwareex3000ex5000_firmwareex5000ex32000e_firmwareex40000e_firmwareex10000e_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-5768
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.35% / 84.28%
||
7 Day CHG~0.00%
Published-20 Mar, 2018 | 19:00
Updated-05 Aug, 2024 | 05:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac15_firmwareac15n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2016-10308
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.10% / 83.38%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the device, allowing full control over it.

Action-Not Available
Vendor-siklun/a
Product-etherhaul_70\/80ghz_multi-gigabit_e-band_radioetherhaul_70\/80ghz_gigabit_radioetherhaul_500txetherhaul-5500fdetherhaul_70ghz_e-band_radioetherhaul_firmwareetherhaul_60ghz_v-band_radion/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-15808
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.77% / 72.60%
||
7 Day CHG~0.00%
Published-23 Aug, 2018 | 20:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "root" access to POSIM EVO's database may result in a breach of confidentiality, integrity, or availability or allow for attackers to remotely execute code on associated POSIM EVO clients.

Action-Not Available
Vendor-posimn/a
Product-evon/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2016-10115
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.24% / 90.53%
||
7 Day CHG~0.00%
Published-04 Jan, 2017 | 08:10
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-vmc3040sarlo_q_camera_firmwarearlo_base_station_firmwarearlo_q_plus_camera_firmwarevms3xx0vmc3040vmk3xx0vmb30x0n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2016-10306
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.37% / 79.46%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trango Altum AC600 devices have a built-in, hidden root account, with a default password of abcd1234. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it.

Action-Not Available
Vendor-trangon/a
Product-a600-25-usa600-19-usa600_firmwarea600-ext-usn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-16158
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-67.31% / 98.50%
||
7 Day CHG~0.00%
Published-30 Aug, 2018 | 05:00
Updated-17 Sep, 2024 | 04:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option.

Action-Not Available
Vendor-eatonn/a
Product-power_xpert_meter_8000power_xpert_meter_6000power_xpert_meter_4000power_xpert_meter_8000_firmwarepower_xpert_meter_6000_firmwarepower_xpert_meter_4000_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2016-0726
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.35% / 56.75%
||
7 Day CHG~0.00%
Published-06 Jun, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials.

Action-Not Available
Vendor-n/aNagios Enterprises, LLC
Product-nagiosn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-11630
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.12% / 31.56%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 22:00
Updated-25 Nov, 2024 | 21:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
E-Lins H685/H685f/H700/H720/H750/H820/H820Q/H820Q0/H900 OEM Backend hard-coded credentials

A vulnerability has been found in E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0 and H900 up to 3.2 and classified as critical. This vulnerability affects unknown code of the component OEM Backend. The manipulation leads to hard-coded credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-E-Linse-lins
Product-H820Q0H820QH900H700H685H750H720H820H685fh820q0h685h685fh820qh700h900h820h750h720
CWE ID-CWE-798
Use of Hard-coded Credentials
CWE ID-CWE-259
Use of Hard-coded Password
CVE-2018-14528
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.04% / 76.60%
||
7 Day CHG~0.00%
Published-05 Jul, 2019 | 19:48
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Invoxia NVX220 devices allow TELNET access as admin with a default password.

Action-Not Available
Vendor-invoxian/a
Product-nvx220_firmwarenvx220n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-15439
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.26% / 78.55%
||
7 Day CHG~0.00%
Published-08 Nov, 2018 | 17:00
Updated-26 Nov, 2024 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business Switches Privileged Access Vulnerability

A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights. Cisco has not released software updates that address this vulnerability. This advisory will be updated with fixed software information once fixed software becomes available. There is a workaround to address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sf550x-48mpsg250-10p_firmwaresf250-24psg300-10p_firmwaresg300-52_firmwaresg250-18_firmwaresg500-52mp_firmwaresg250x-24p_firmwaresg300-52sg250x-24psg200-26sg250-18sg500-28sg500x-48sg350x-24mpsg200-50p_firmwaresg200-26_firmwaresx550x-24sg550x-48p_firmwaresg200-08psf200-24_firmwaresg300-20sg500-28psf250-24p_firmwaresg350x-48_firmwaresg350xg-24tsx550x-12fsf200-48sg350x-24_firmwaresf350-48psf350-48sg550x-48mp_firmwaresg500x-24psf300-48psf300-24_firmwaresg500-52sf300-24mp_firmwaresg500-28mpp_firmwaresf550x-24mp_firmwaresg500-52psg350-28sg350x-24mp_firmwaresg500-52_firmwaresf250-24sg200-10fpsf300-24ppsg550x-48psf550x-48p_firmwaresg350x-48mp_firmwaresg250x-24_firmwaresg250-50hp_firmwaresx550x-24ft_firmwaresg300-10mpp_firmwaresg350x-24sg250x-24sf550x-48_firmwaresg200-50sg300-52mpsg350-10p_firmwaresf200-48p_firmwaresg200-50psg200-26fp_firmwaresf302-08p_firmwaresg350-10psg500-52mpsg355-10psx550x-16ft_firmwaresg250-50psg300-52psf250-48sg250-26hpsg250x-48p_firmwaresg300-20_firmwaresf500-24p_firmwaresf500-48sg300-10sfpsg200-50fpsg550x-24_firmwaresg250x-48_firmwaresg300-28_firmwaresf302-08psg500-28mppsf500-24psf200-24p_firmwaresg250-50p_firmwaresf302-08ppsf350-48p_firmwaresf300-48sg350xg-48t_firmwaresg250-26sg300-10sfp_firmwaresg250x-48sf550x-48mp_firmwaresg350-28p_firmwaresf550x-24_firmwaresf250-48hp_firmwaresg350xg-2f10sg300-28ppsg300-52mp_firmwaresf500-48_firmwaresg500-28p_firmwaresg350-10mpsf550x-48psg550x-24mppsf550x-24sf500-48psf200-24psg500-52p_firmwaresg350xg-24f_firmwaresf500-48p_firmwaresg300-28mpsf302-08mp_firmwaresf350-48mp_firmwaresf250-24_firmwaresg350-28mpsf302-08sg350-28mp_firmwaresg300-28pp_firmwaresg350x-48sf200-24sx550x-24fsg500x-48psg250-26_firmwaresg350-10mp_firmwaresf302-08mpp_firmwaresg500x-48p_firmwaresg355-10p_firmwaresg550x-24mp_firmwaresg200-18_firmwaresg300-10psg300-52p_firmwaresf300-48ppsg500x-24_firmwaresg350xg-24t_firmwaresg550x-48_firmwaresf550x-24p_firmwaresg350x-24p_firmwaresg300-10mp_firmwaresf302-08_firmwaresg200-08p_firmwaresf200-24fp_firmwaresg300-10mpsg550x-24sf300-08sg300-10ppsg250-50_firmwaresf350-48_firmwaresg250-10psg200-08sg350xg-2f10_firmwaresx550x-24f_firmwaresg250-08sg350-28psg250-26hp_firmwaresg200-26fpsg200-26p_firmwaresg350xg-48tsf550x-48sg300-28sg200-10fp_firmwaresx550x-52_firmwaresg350-28_firmwaresg300-10_firmwaresg250-08hpsg350-10sg350x-48psg550x-24mpsg500x-24sf300-24p_firmwaresx550x-16ftsg550x-48mpsg350-10_firmwaresx550x-24ftsx550x-52sg250x-48psg200-50fp_firmwaresg500x-24p_firmwaresg250-26psg300-10pp_firmwaresf500-24sg300-10sf550x-24psf300-48p_firmwaresf350-48mpsg250-50sf200-24fpsg300-10mppsg550x-24p_firmwaresg500xg-8f8t_firmwaresg300-28psf300-24psg200-26psf200-48psf300-24sg550x-24psg200-08_firmwaresg350x-48mpsf302-08mppsf302-08mpsg550x-48sf300-48pp_firmwaresf250-48_firmwaresg350x-48p_firmwaresg250-08_firmwaresf300-24mpsg300-28mp_firmwaresg350x-24psf550x-24mpsx550x-12f_firmwaresf302-08pp_firmwaresg250-50hpsg550x-24mpp_firmwaresf250-48hpsg200-18sg200-50_firmwaresg500x-48_firmwaresg250-26p_firmwaresf300-08_firmwaresg350xg-24fsf200-48_firmwaresx550x-24_firmwaresg500xg-8f8tsg500-28_firmwaresf500-24_firmwaresg250-08hp_firmwaresf300-48_firmwaresf300-24pp_firmwaresg300-28p_firmwareCisco Small Business 300 Series Managed Switches
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-15427
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-14.45% / 94.18%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Video Surveillance Manager Appliance Default Password Vulnerability

A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified Computing System (UCS) platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user credentials. The vulnerability is due to the presence of undocumented, default, static user credentials for the root account of the affected software on certain systems. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-video_surveillance_managerconnected_safety_and_security_ucs_c220Cisco Video Surveillance Manager
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-15360
Matching Score-4
Assigner-Kaspersky
ShareView Details
Matching Score-4
Assigner-Kaspersky
CVSS Score-7.3||HIGH
EPSS-0.10% / 29.01%
||
7 Day CHG~0.00%
Published-17 Aug, 2018 | 15:00
Updated-05 Aug, 2024 | 09:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker without authentication can login with default credentials for privileged users in Eltex ESP-200 firmware version 1.2.0.

Action-Not Available
Vendor-eltexKaspersky Lab
Product-esp-200esp-200_firmwareEltex ESP-200
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-9254
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.64%
||
7 Day CHG~0.00%
Published-20 Feb, 2018 | 06:00
Updated-16 Sep, 2024 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Datto ALTO and SIRIS devices have a default VNC password.

Action-Not Available
Vendor-datton/a
Product-alto_3_firmwarealto_imagedalto_xl_firmwaresiris_3_firmwaresiris_virtualsiris_3siris_3_x_all-flashsiris_2siris_3_x_all-flash_firmwarealto_2_firmwarealto_3siris_2_firmwarealto_imaged_firmwarealto_xlsiris_virtual_firmwarealto_2n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-15389
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.81% / 73.26%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password Vulnerability

A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install. The vulnerability is due to a hard-coded password that, in some cases, is not replaced with a unique password. A successful exploit could allow the attacker to access the administrative web interface with administrator-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-prime_collaborationCisco Prime Collaboration Provisioning
CWE ID-CWE-255
Not Available
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-15720
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.82% / 73.41%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 21:00
Updated-16 Sep, 2024 | 20:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API.

Action-Not Available
Vendor-logitechLogitech
Product-harmony_hub_firmwareharmony_hubLogitech Harmony Hub
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-0248
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-10||CRITICAL
EPSS-0.42% / 61.07%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 19:37
Updated-16 Sep, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NFX Series: Hard-coded credentials allow an attacker to take control of any instance through administrative interfaces.

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Juniper Networks Junos OS versions prior to 19.1R1 on NFX Series. No other platforms besides NFX Series devices are affected.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosnfx150nfx250nfx350Junos OS
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-18251
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.79% / 73.01%
||
7 Day CHG~0.00%
Published-24 Apr, 2019 | 20:13
Updated-05 Aug, 2024 | 11:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Deltek Vision 7.x before 7.6 permits the execution of any attacker supplied SQL statement through a custom RPC over HTTP protocol. The Vision system relies on the client binary to enforce security rules and integrity of SQL statements and other content being sent to the server. Client HTTP calls can be manipulated by one of several means to execute arbitrary SQL statements (similar to SQLi) or possibly have unspecified other impact via this custom protocol. To perform these attacks an authenticated session is first required. In some cases client calls are obfuscated by encryption, which can be bypassed due to hard-coded keys and an insecure key rotation protocol. Impacts may include remote code execution in some deployments; however, the vendor states that this cannot occur when the installation documentation is heeded.

Action-Not Available
Vendor-deltekn/a
Product-visionn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-8868
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-9.8||CRITICAL
EPSS-25.68% / 96.03%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 20:15
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest Foglight Evolve 9.0.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the __service__ user account. The product contains a hard-coded password for this account. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-9553.

Action-Not Available
Vendor-Quest Software, Inc.
Product-foglight_evolveFoglight Evolve
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-7498
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.49% / 64.40%
||
7 Day CHG~0.00%
Published-16 Jun, 2020 | 19:15
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software (all versions). The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file transfer service provided by the Modicon PLCs. This could result in various unintended results.

Action-Not Available
Vendor-n/a
Product-os_loaderunity_loaderUnity Loader and OS Loader Software (All versions)
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2008-1160
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.75% / 92.64%
||
7 Day CHG~0.00%
Published-25 Mar, 2008 | 00:00
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote attackers to gain privileges.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-zywall_1050zywall_1050_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2015-7246
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-33.10% / 96.75%
||
7 Day CHG~0.00%
Published-24 Apr, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dvg-n5402sp_firmwaredvg-n5402spn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-4459
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.10% / 27.80%
||
7 Day CHG~0.00%
Published-04 Aug, 2020 | 16:00
Updated-16 Sep, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Verify Access 10.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 181395.

Action-Not Available
Vendor-IBM Corporation
Product-security_secret_serverSecurity Secret Server
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-12924
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 52.76%
||
7 Day CHG~0.00%
Published-28 Jun, 2018 | 11:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of sollae for the TELNET service.

Action-Not Available
Vendor-eztcpn/a
Product-cse-m32_firmwarecse-m53n_firmwarecse-b63n2_firmwarecse-b63n2cse-m73_firmwarecie-h10cie-h12_firmwarecse-m53ncse-m24cie-h14_firmwarecse-m24_firmwarecie-h14cse-m32cie-h10_firmwarecse-m73cie-h12n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-4854
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 46.18%
||
7 Day CHG~0.00%
Published-23 Nov, 2020 | 16:55
Updated-16 Sep, 2024 | 22:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 190454.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-linux_kernelspectrum_protect_plusSpectrum Protect Plus
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-4690
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.80%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 16:05
Updated-16 Sep, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 186697.

Action-Not Available
Vendor-IBM Corporation
Product-security_guardiumSecurity Guardium
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-4208
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.03% / 5.39%
||
7 Day CHG~0.00%
Published-31 Mar, 2020 | 14:31
Updated-16 Sep, 2024 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174975.

Action-Not Available
Vendor-IBM Corporation
Product-spectrum_protect_plusSpectrum Protect Plus
CWE ID-CWE-798
Use of Hard-coded Credentials
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found