Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-22495

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-14 Jan, 2023 | 00:47
Updated At-10 Mar, 2025 | 21:23
Rejected At-
Credits

Izanami is vulnerable to Authorization Bypass

Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token (JWT), an attacker could compromise another instance of Izanami. This issue has been patched in version 1.11.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:14 Jan, 2023 | 00:47
Updated At:10 Mar, 2025 | 21:23
Rejected At:
▼CVE Numbering Authority (CNA)
Izanami is vulnerable to Authorization Bypass

Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token (JWT), an attacker could compromise another instance of Izanami. This issue has been patched in version 1.11.0.

Affected Products
Vendor
MAIF
Product
izanami
Versions
Affected
  • < 1.11.0
Problem Types
TypeCWE IDDescription
CWECWE-288CWE-288: Authentication Bypass Using an Alternate Path or Channel
Type: CWE
CWE ID: CWE-288
Description: CWE-288: Authentication Bypass Using an Alternate Path or Channel
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/MAIF/izanami/security/advisories/GHSA-9r7j-m337-792c
x_refsource_CONFIRM
https://github.com/MAIF/izanami/releases/tag/v1.11.0
x_refsource_MISC
Hyperlink: https://github.com/MAIF/izanami/security/advisories/GHSA-9r7j-m337-792c
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/MAIF/izanami/releases/tag/v1.11.0
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/MAIF/izanami/security/advisories/GHSA-9r7j-m337-792c
x_refsource_CONFIRM
x_transferred
https://github.com/MAIF/izanami/releases/tag/v1.11.0
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/MAIF/izanami/security/advisories/GHSA-9r7j-m337-792c
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/MAIF/izanami/releases/tag/v1.11.0
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:14 Jan, 2023 | 01:15
Updated At:07 Nov, 2023 | 04:07

Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token (JWT), an attacker could compromise another instance of Izanami. This issue has been patched in version 1.11.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches

maif
maif
>>izanami>>Versions before 1.11.0(exclusive)
cpe:2.3:a:maif:izanami:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-798Primarynvd@nist.gov
CWE-288Secondarysecurity-advisories@github.com
CWE ID: CWE-798
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-288
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/MAIF/izanami/releases/tag/v1.11.0security-advisories@github.com
Release Notes
Third Party Advisory
https://github.com/MAIF/izanami/security/advisories/GHSA-9r7j-m337-792csecurity-advisories@github.com
Exploit
Third Party Advisory
Hyperlink: https://github.com/MAIF/izanami/releases/tag/v1.11.0
Source: security-advisories@github.com
Resource:
Release Notes
Third Party Advisory
Hyperlink: https://github.com/MAIF/izanami/security/advisories/GHSA-9r7j-m337-792c
Source: security-advisories@github.com
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

813Records found

CVE-2019-1723
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-5.82% / 92.25%
||
7 Day CHG~0.00%
Published-13 Mar, 2019 | 21:00
Updated-19 Nov, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Common Services Platform Collector Static Credential Vulnerability

A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote attacker to access an affected device by using an account that has a default, static password. This account does not have administrator privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to the affected system using this account. A successful exploit could allow the attacker to log in to the CSPC using the default account. For Cisco CSPC 2.7.x, Cisco fixed this vulnerability in Release 2.7.4.6. For Cisco CSPC 2.8.x, Cisco fixed this vulnerability in Release 2.8.1.2.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-common_services_platform_collectorCisco Common Services Platform Collector Software
CWE ID-CWE-264
Not Available
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-25570
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.00% / 78.32%
||
7 Day CHG~0.00%
Published-27 Feb, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-35338
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.65% / 95.53%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 17:02
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password of "pokon."

Action-Not Available
Vendor-mobileviewpointn/a
Product-wireless_multiplex_terminal_playout_servern/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-8605
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-5.1||MEDIUM
EPSS-0.39% / 30.65%
||
7 Day CHG~0.00%
Published-19 May, 2026 | 17:08
Updated-21 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Hard-coded Credentials in ScadaBR

In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin.

Action-Not Available
Vendor-scadabrScadaBR
Product-scadabrScadaBR
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-26410
Matching Score-4
Assigner-SEC Consult Vulnerability Lab
ShareView Details
Matching Score-4
Assigner-SEC Consult Vulnerability Lab
CVSS Score-9.8||CRITICAL
EPSS-0.66% / 47.19%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 09:20
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Weak Hard-coded Credentials

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered credentials can be used to log into the device via the login shell that is exposed by the serial interface. The backdoor user has been removed in firmware BSP >= 6.4.1.

Action-Not Available
Vendor-Wattsense
Product-Wattsense Bridge
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-9139
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.45% / 36.26%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 19:35
Updated-21 May, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Taiko AG1000-01A Rev 7.3/8 Hard-coded Credentials via login.zhtml

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability in the embedded web configuration interface where authentication is implemented entirely in client-side JavaScript in login.zhtml, exposing static plaintext credentials in the page source. Unauthenticated attackers with network access can recover administrative credentials directly from the client-side validate() function to obtain full administrative access to the device.

Action-Not Available
Vendor-Taiko Network Communications Pte Ltd.
Product-AG1000-01A SMS Alert Gateway
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-2538
Matching Score-4
Assigner-Environmental Systems Research Institute, Inc.
ShareView Details
Matching Score-4
Assigner-Environmental Systems Research Institute, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 41.43%
||
7 Day CHG~0.00%
Published-20 Mar, 2025 | 20:50
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BUG-000174336

A hardcoded credential vulnerability exists in a specific deployment pattern for Esri Portal for ArcGIS versions 11.4 and below that may allow a remote unauthenticated attacker to gain administrative access to the system.

Action-Not Available
Vendor-Environmental Systems Research Institute, Inc. ("Esri")
Product-portal_for_arcgisPortal for ArcGIS
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-68926
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-29.03% / 97.92%
||
7 Day CHG~0.00%
Published-30 Dec, 2025 | 16:59
Updated-16 Jan, 2026 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RustFS has a gRPC Hardcoded Token Authentication Bypass

RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token `"rustfs rpc"` that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable with no mechanism for token rotation, and universally valid across all RustFS deployments. Any attacker with network access to the gRPC port can authenticate using this publicly known token and execute privileged operations including data destruction, policy manipulation, and cluster configuration changes. Version 1.0.0-alpha.78 contains a fix for the issue.

Action-Not Available
Vendor-rustfsrustfs
Product-rustfsrustfs
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-4333
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.85% / 53.70%
||
7 Day CHG~0.00%
Published-01 Jun, 2023 | 05:36
Updated-10 Jan, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sprecher: Sprecon maintenance access with hardcoded credentials

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines.

Action-Not Available
Vendor-sprecher-automationSprecher Automation
Product-sprecon-e-tc_ax-3110_firmwaresprecon-e-t3sprecon-e-p_ds6-0_firmwaresprecon-e_cp-2330sprecon-e-c_firmwaresprecon-e-p_dq6-1sprecon-e-csprecon-e_cp-2131_firmwaresprecon-e-p_dl6-1_firmwaresprecon-e-p_ds6-0sprecon-e_cp-2330_firmwaresprecon-e-t3_firmwaresprecon-e-p_dl6-1sprecon-e-p_dq6-1_firmwaresprecon-e-tc_ax-3110sprecon-e_ap-2200_firmwaresprecon-e_ap-2200sprecon-e_cp-2131SPRECON-E CPU PU243xSPRECON-E CPU SPRECON-EDIRSPRECON-E CPU PU244xSPRECON-E CPU MC33/34
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-68860
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 37.94%
||
7 Day CHG~0.00%
Published-29 Dec, 2025 | 21:08
Updated-28 Apr, 2026 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Mobile builder plugin <= 1.4.2 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile builder mobile-builder allows Authentication Abuse.This issue affects Mobile builder: from n/a through <= 1.4.2.

Action-Not Available
Vendor-Mobile Builder
Product-Mobile builder
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-23504
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 34.46%
||
7 Day CHG~0.00%
Published-08 Jan, 2026 | 09:17
Updated-28 Apr, 2026 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Felan Framework plugin <= 1.1.3 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in RiceTheme Felan Framework felan-framework allows Authentication Abuse.This issue affects Felan Framework: from n/a through <= 1.1.3.

Action-Not Available
Vendor-RiceTheme
Product-Felan Framework
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2020-28334
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.71% / 90.71%
||
7 Day CHG~0.00%
Published-24 Nov, 2020 | 18:17
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root password hash included in the firmware image. Exploiting CVE-2020-28329, CVE-2020-28330 and CVE-2020-28331 could potentially be used in a simple and automated exploit chain to go from unauthenticated remote attacker to root shell.

Action-Not Available
Vendor-barcon/a
Product-wepresent_wipg-1600wwepresent_wipg-1600w_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-44097
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.76% / 50.91%
||
7 Day CHG~0.00%
Published-30 Nov, 2022 | 00:00
Updated-24 Apr, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel.

Action-Not Available
Vendor-book_store_management_system_projectn/a
Product-book_store_management_systemn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-9260
Matching Score-4
Assigner-Canon Inc.
ShareView Details
Matching Score-4
Assigner-Canon Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.23% / 14.02%
||
7 Day CHG~0.00%
Published-15 Jun, 2026 | 23:38
Updated-18 Jun, 2026 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier

Action-Not Available
Vendor-Canon Inc.Microsoft CorporationApple Inc.
Product-macoseos_network_setting_toolwindowsEOS Network Setting Tool for WindowsEOS Network Setting Tool for macOS
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-7567
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-9.25% / 94.74%
||
7 Day CHG~0.00%
Published-01 May, 2026 | 09:26
Updated-01 May, 2026 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Temporary Login <= 1.0.0 - Authentication Bypass to Account Takeover

The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() function, which fails to verify that the 'temp-login-token' GET parameter is a scalar string before processing it. When the parameter is supplied as an array, PHP's empty() check is bypassed and sanitize_key() returns an empty string, which is then passed as the meta_value to get_users(). WordPress ignores an empty meta_value and returns all users matching the meta_key '_temporary_login_token', allowing authentication without a valid token. This makes it possible for unauthenticated attackers to authenticate as any active temporary login user by sending a single crafted GET request.

Action-Not Available
Vendor-elemntor
Product-Temporary Login
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2022-42980
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.76% / 50.91%
||
7 Day CHG~0.00%
Published-17 Oct, 2022 | 00:00
Updated-10 May, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

go-admin (aka GO Admin) 2.0.12 uses the string go-admin as a production JWT key.

Action-Not Available
Vendor-go-adminn/a
Product-go-adminn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-29060
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.46% / 70.36%
||
7 Day CHG~0.00%
Published-24 Nov, 2020 | 20:58
Updated-04 Aug, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. There is a default debug124 password for the debug account.

Action-Not Available
Vendor-n/aC-DATA Technologies Co., Ltd.
Product-fd1216s-r197168p_firmwarefd1208s-r2fd1204s-r2_firmwarefd1616gsfd1002s9016afd1104fd1204sn-r2fd1616sn_firmwarefd1104sfd1204sn_firmwarefd1608gs97168pfd1002s_firmware97084p92416a_firmware9016a_firmwarefd1616gs_firmware97028p9288_firmwarefd1608gs_firmwarefd1104sn_firmwarefd1608sn_firmwarefd1608sn9008a_firmwarefd1204sn-r2_firmwarefd1104b_firmware72408a97028p_firmwarefd1104bfd1204snfd8000_firmware92408afd1104s_firmware97042p_firmware92416afd1104snfd1204s-r297024p97016_firmware928897024p_firmware97084p_firmwarefd1104_firmwarefd1208s-r2_firmwarefd80009008afd1108s72408a_firmware97042pfd1216s-r1_firmware92408a_firmwarefd1108s_firmwarefd1616sn97016n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-7458
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 43.35%
||
7 Day CHG~0.00%
Published-02 May, 2026 | 04:27
Updated-05 May, 2026 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User Verification by PickPlugins <= 2.0.46 - Unauthenticated Authentication Bypass via OTP Verification REST API Endpoint

The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.46. This is due to the use of a loose PHP comparison operator to validate OTP codes in the "user_verification_form_wrap_process_otpLogin" function. This makes it possible for unauthenticated attackers to log in as any user with a verified email address, such as an administrator, by submitting a "true" OTP value.

Action-Not Available
Vendor-pickplugins
Product-User Verification by PickPlugins
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2014-125030
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.88% / 54.60%
||
7 Day CHG~0.00%
Published-01 Jan, 2023 | 08:35
Updated-25 Nov, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
taoeffect Empress hard-coded password

A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected by this issue is some unknown functionality. The manipulation leads to use of hard-coded password. The patch is identified as 557e177d8a309d6f0f26de46efb38d43e000852d. It is recommended to apply a patch to fix this issue. VDB-217154 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-empress_projecttaoeffect
Product-empressEmpress
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2014-0175
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.03% / 78.66%
||
7 Day CHG~0.00%
Published-13 Dec, 2019 | 12:40
Updated-06 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mcollective has a default password set at install

Action-Not Available
Vendor-mcollectiveRed Hat, Inc.Perforce Software, Inc. ("Puppet")Debian GNU/Linux
Product-openshiftdebian_linuxmarionette_collectivemcollective
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-28329
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.54% / 71.93%
||
7 Day CHG~0.00%
Published-24 Nov, 2020 | 19:09
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19.

Action-Not Available
Vendor-barcon/a
Product-wepresent_wipg-1600wwepresent_wipg-1600w_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-2322
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.64% / 46.12%
||
7 Day CHG~0.00%
Published-15 Mar, 2025 | 13:31
Updated-24 Oct, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
274056675 springboot-openai-chatgpt OpenController.java hard-coded credentials

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5. It has been classified as critical. This affects an unknown part of the file /chatgpt-boot/src/main/java/org/springblade/modules/mjkj/controller/OpenController.java. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-274056675274056675
Product-springboot-openai-chatgptspringboot-openai-chatgpt
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-16734
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.26% / 86.85%
||
7 Day CHG~0.00%
Published-13 Dec, 2019 | 20:20
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.

Action-Not Available
Vendor-skymeepetwantn/a
Product-pf-103petalk_ai_firmwarepetalk_aipf-103_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-7414
Matching Score-4
Assigner-Austin Hackers Anonymous
ShareView Details
Matching Score-4
Assigner-Austin Hackers Anonymous
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 40.95%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 16:10
Updated-14 May, 2026 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hardcoded credentials in Yarbo robot firmware

Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users, enabling trivial unauthorized access to device management interfaces by anyone who knows them.

Action-Not Available
Vendor-yarboYarbo
Product-lawn_mowerlawn_mower_firmwarelawn_mower_prolawn_mower_pro_firmwareFirmware
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-1619
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-82.82% / 99.63%
||
7 Day CHG~0.00%
Published-27 Jun, 2019 | 03:00
Updated-19 Nov, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Data Center Network Manager Authentication Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper session management on affected DCNM software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to gain administrative access on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-data_center_network_managerCisco Data Center Network Manager
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-16153
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.15% / 63.02%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 16:39
Updated-25 Oct, 2024 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisiemFortinet FortiSIEM
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-22462
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-9.8||CRITICAL
EPSS-1.87% / 76.81%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 15:10
Updated-16 Jul, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024.3 with the May 2025 Security Patch allows a remote unauthenticated attacker to gain administrative access to the system.

Action-Not Available
Vendor-Ivanti Software
Product-neurons_for_itsmNeurons for ITSM (on-prem)
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2019-16399
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.08% / 93.44%
||
7 Day CHG~0.00%
Published-18 Sep, 2019 | 13:06
Updated-05 Aug, 2024 | 01:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me.

Action-Not Available
Vendor-n/aWestern Digital Corp.
Product-wd_my_book_firmwarewd_my_bookn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-26879
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-42.48% / 98.53%
||
7 Day CHG~0.00%
Published-26 Oct, 2020 | 19:20
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.

Action-Not Available
Vendor-commscopen/a
Product-ruckus_iot_moduleruckus_vriotn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2013-6236
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.21% / 95.10%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 15:46
Updated-06 Aug, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IZON IP 2.0.2: hard-coded password vulnerability

Action-Not Available
Vendor-izoncamn/a
Product-izon_ip_firmwareizon_ipn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-7786
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 33.36%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 17:11
Updated-16 Jun, 2026 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter Use of Hard-coded Credentials

Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services.

Action-Not Available
Vendor-Jinan USR IOT Technology Limited (PUSR)
Product-USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-6760
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 19.68%
||
7 Day CHG~0.00%
Published-21 Apr, 2026 | 12:40
Updated-26 May, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mitigation bypass in the Networking: Cookies component

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

Action-Not Available
Vendor-Mozilla Corporation
Product-thunderbirdfirefoxFirefoxThunderbird
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2026-6768
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 20.26%
||
7 Day CHG~0.00%
Published-21 Apr, 2026 | 12:41
Updated-27 May, 2026 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mitigation bypass in the Networking: Cookies component

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

Action-Not Available
Vendor-Mozilla Corporation
Product-thunderbirdfirefoxFirefoxThunderbird
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2026-6771
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 22.68%
||
7 Day CHG~0.00%
Published-21 Apr, 2026 | 12:41
Updated-27 May, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mitigation bypass in the DOM: Security component

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

Action-Not Available
Vendor-Mozilla Corporation
Product-thunderbirdfirefoxFirefoxThunderbird
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-21589
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-9.3||CRITICAL
EPSS-1.43% / 69.85%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 20:32
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Session Smart Router, Session Smart Conductor, WAN Assurance Router: API Authentication Bypass vulnerability

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device. This issue affects Session Smart Router:  * from 5.6.7 before 5.6.17,  * from 6.0 before 6.0.8 (affected from 6.0.8), * from 6.1 before 6.1.12-lts,  * from 6.2 before 6.2.8-lts,  * from 6.3 before 6.3.3-r2;  This issue affects Session Smart Conductor:  * from 5.6.7 before 5.6.17,  * from 6.0 before 6.0.8 (affected from 6.0.8), * from 6.1 before 6.1.12-lts,  * from 6.2 before 6.2.8-lts,  * from 6.3 before 6.3.3-r2;  This issue affects WAN Assurance Managed Routers:  * from 5.6.7 before 5.6.17,  * from 6.0 before 6.0.8 (affected from 6.0.8), * from 6.1 before 6.1.12-lts,  * from 6.2 before 6.2.8-lts,  * from 6.3 before 6.3.3-r2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-Session Smart RouterSession Smart ConductorWAN Assurance Managed Router
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-67418
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 43.20%
||
7 Day CHG~0.00%
Published-22 Dec, 2025 | 00:00
Updated-02 Jan, 2026 | 17:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.

Action-Not Available
Vendor-oxygenzn/a
Product-clipbucketn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-41653
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.70% / 48.52%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 21:08
Updated-16 Apr, 2025 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an attacker obtaining user login credentials and control the system.

Action-Not Available
Vendor-daikinlatamDaikin
Product-svmpc2svmpc1SVMPC2SVMPC1
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-56265
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.41% / 32.61%
||
7 Day CHG-0.02%
Published-21 Jun, 2026 | 13:26
Updated-26 Jun, 2026 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Crawl4AI - Authentication Bypass via Hardcoded JWT Signing Key

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected functionality.

Action-Not Available
Vendor-kidocodeCrawl4AI
Product-crawl4aiCrawl4AI
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-67304
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 38.03%
||
7 Day CHG~0.00%
Published-19 Feb, 2026 | 00:00
Updated-03 Apr, 2026 | 11:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate remotely, gaining superuser access to the database. This allows creation of administrative users for the web interface, extraction of password hashes, and execution of arbitrary OS commands.

Action-Not Available
Vendor-commscopen/a
Product-ruckus_network_directorn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-1564
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.52% / 40.07%
||
7 Day CHG~0.00%
Published-01 Mar, 2025 | 07:24
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SetSail Membership <= 1.0.3 - Authentication Bypass via Account Takeover

The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3. This is due to the plugin not properly verifying a users identity through the social login. This makes it possible for unauthenticated attackers to log in as any user, including administrators and take over access to their account.

Action-Not Available
Vendor-Select-Themes
Product-SetSail Membership
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-1671
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.52% / 40.51%
||
7 Day CHG~0.00%
Published-01 Mar, 2025 | 07:24
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Academist Membership <= 1.1.6 - Authentication Bypass via Account Takeover

The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academist_membership_check_facebook_user() function not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to log in as any user, including site administrators.

Action-Not Available
Vendor-Elated-Themes
Product-Academist Membership
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-1909
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 42.03%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 19:42
Updated-08 Apr, 2026 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BuddyBoss Platform Pro <= 2.7.01 - Authentication Bypass via Apple OAuth provider

The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.

Action-Not Available
Vendor-BUDDYBOSS LLC
Product-buddyboss_platformBuddyBoss Platform Pro
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-15102
Matching Score-4
Assigner-Delta Electronics, Inc.
ShareView Details
Matching Score-4
Assigner-Delta Electronics, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.27% / 19.04%
||
7 Day CHG~0.00%
Published-30 Dec, 2025 | 08:48
Updated-06 Jan, 2026 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DVP-12SE11T - Password Protection Bypass

DVP-12SE11T - Password Protection Bypass

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-dvp-12se11tdvp-12se11t_firmwareDVP-12SE11T
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-11522
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 40.81%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 07:23
Updated-08 Apr, 2026 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Search & Go - Directory WordPress Theme <= 2.7 - Authentication Bypass to Privilege Escalation via Account Takeover

The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This is due to insufficient user validation in the search_and_go_elated_check_facebook_user() function This makes it possible for unauthenticated attackers to gain access to other user's accounts, including administrators, when Facebook login is enabled. CVE-2025-62064 is likely a duplicate of this CVE.

Action-Not Available
Vendor-Elated-Themes
Product-Search & Go - Directory WordPress Theme
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-1515
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 39.99%
||
7 Day CHG~0.00%
Published-05 Mar, 2025 | 09:21
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Real Estate Manager <= 2.8 - Authentication Bypass via Account Takeover

The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.8. This is due to insufficient identity verification on the LinkedIn login request process. This makes it possible for unauthenticated attackers to bypass official authentication and log in as any user on the site, including administrators.

Action-Not Available
Vendor-Chimpstudio
Product-WP Real Estate Manager
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2022-41397
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.68% / 47.71%
||
7 Day CHG~0.00%
Published-28 Apr, 2023 | 00:00
Updated-31 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The optional Web Screens and Global Search features for Sage 300 through version 2022 use a hard-coded 40-byte blowfish key ("LandlordPassKey") to encrypt and decrypt secrets stored in configuration files and in database tables.

Action-Not Available
Vendor-sagen/a
Product-sage_300n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-38466
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 33.93%
||
7 Day CHG~0.00%
Published-16 Jun, 2024 | 00:00
Updated-19 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password.

Action-Not Available
Vendor-guoxinledn/a
Product-synthesis_image_systemn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-1638
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.59% / 43.77%
||
7 Day CHG~0.00%
Published-01 Mar, 2025 | 07:24
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Alloggio Membership <= 1.1 - Authentication Bypass via Social Login Account Takeover

The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity through the alloggio_membership_init_rest_api_facebook_login and alloggio_membership_init_rest_api_google_login functions. This makes it possible for unauthenticated attackers to log in as any user, including administrators, without knowing a password.

Action-Not Available
Vendor-Edge-Themes
Product-Alloggio Membership
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2020-15322
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.24% / 65.54%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 15:23
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-cloudcnm_secumanagern/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-25560
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.13% / 79.70%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 20:12
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. We also observed the same is true if the JSESSIONID is completely removed.

Action-Not Available
Vendor-sapphireimsn/a
Product-sapphireimsn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 16
  • 17
  • Next
Details not found