Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-25823

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-23 Feb, 2023 | 21:34
Updated At-10 Mar, 2025 | 21:06
Rejected At-
Credits

Gradio contains Use of Hard-coded Credentials

Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private SSH key is sent to any user that connects to the Gradio machine, which means that a user could access other users' shared Gradio demos. From there, other exploits are possible depending on the level of access/exposure the Gradio app provides. This issue is patched in version 3.13.1, however, users are recommended to update to 3.19.1 or later where the FRP solution has been properly tested.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:23 Feb, 2023 | 21:34
Updated At:10 Mar, 2025 | 21:06
Rejected At:
▼CVE Numbering Authority (CNA)
Gradio contains Use of Hard-coded Credentials

Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private SSH key is sent to any user that connects to the Gradio machine, which means that a user could access other users' shared Gradio demos. From there, other exploits are possible depending on the level of access/exposure the Gradio app provides. This issue is patched in version 3.13.1, however, users are recommended to update to 3.19.1 or later where the FRP solution has been properly tested.

Affected Products
Vendor
gradio-app
Product
gradio
Versions
Affected
  • < 3.13.1
Problem Types
TypeCWE IDDescription
CWECWE-798CWE-798: Use of Hard-coded Credentials
Type: CWE
CWE ID: CWE-798
Description: CWE-798: Use of Hard-coded Credentials
Metrics
VersionBase scoreBase severityVector
3.15.4MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/gradio-app/gradio/security/advisories/GHSA-3x5j-9vwr-8rr5
x_refsource_CONFIRM
Hyperlink: https://github.com/gradio-app/gradio/security/advisories/GHSA-3x5j-9vwr-8rr5
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/gradio-app/gradio/security/advisories/GHSA-3x5j-9vwr-8rr5
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/gradio-app/gradio/security/advisories/GHSA-3x5j-9vwr-8rr5
Resource:
x_refsource_CONFIRM
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:23 Feb, 2023 | 22:15
Updated At:07 Nov, 2023 | 04:09

Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private SSH key is sent to any user that connects to the Gradio machine, which means that a user could access other users' shared Gradio demos. From there, other exploits are possible depending on the level of access/exposure the Gradio app provides. This issue is patched in version 3.13.1, however, users are recommended to update to 3.19.1 or later where the FRP solution has been properly tested.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.15.4MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L
CPE Matches

gradio_project
gradio_project
>>gradio>>Versions before 3.13.1(exclusive)
cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:*
Weaknesses
CWE IDTypeSource
CWE-798Primarynvd@nist.gov
CWE-798Secondarysecurity-advisories@github.com
CWE ID: CWE-798
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-798
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/gradio-app/gradio/security/advisories/GHSA-3x5j-9vwr-8rr5security-advisories@github.com
Vendor Advisory
Hyperlink: https://github.com/gradio-app/gradio/security/advisories/GHSA-3x5j-9vwr-8rr5
Source: security-advisories@github.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

595Records found

CVE-2024-47167
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 38.07%
||
7 Day CHG+0.01%
Published-10 Oct, 2024 | 21:47
Updated-17 Oct, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SSRF in the path parameter of /queue/join in Gradio

Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **Server-Side Request Forgery (SSRF)** in the `/queue/join` endpoint. Gradio’s `async_save_url_to_cache` function allows attackers to force the Gradio server to send HTTP requests to user-controlled URLs. This could enable attackers to target internal servers or services within a local network and possibly exfiltrate data or cause unwanted internal requests. Additionally, the content from these URLs is stored locally, making it easier for attackers to upload potentially malicious files to the server. This impacts users deploying Gradio servers that use components like the Video component which involve URL fetching. Users are advised to upgrade to `gradio>=5` to address this issue. As a workaround, users can disable or heavily restrict URL-based inputs in their Gradio applications to trusted domains only. Additionally, implementing stricter URL validation (such as allowinglist-based validation) and ensuring that local or internal network addresses cannot be requested via the `/queue/join` endpoint can help mitigate the risk of SSRF attacks.

Action-Not Available
Vendor-gradio_projectgradio-appgradio_project
Product-gradiogradiogradio
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-39236
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.86% / 54.52%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 00:00
Updated-27 Jun, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gradio v4.36.1 was discovered to contain a code injection vulnerability via the component /gradio/component_meta.py. This vulnerability is triggered via a crafted input. NOTE: the supplier disputes this because the report is about a user attacking himself.

Action-Not Available
Vendor-gradio_projectn/agradio_project
Product-gradion/agradio
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-27167
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-5.9||NONE
EPSS-0.45% / 36.56%
||
7 Day CHG~0.00%
Published-27 Feb, 2026 | 21:40
Updated-05 Mar, 2026 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gradio: Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret

Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. `gr.LoginButton`) are used. When a user visits `/login/huggingface`, the server retrieves its own Hugging Face access token via `huggingface_hub.get_token()` and stores it in the visitor's session cookie. If the application is network-accessible, any remote attacker can trigger this flow to steal the server owner's HF token. The session cookie is signed with a hardcoded secret derived from the string `"-v4"`, making the payload trivially decodable. Version 6.6.0 fixes the issue.

Action-Not Available
Vendor-gradio_projectgradio-app
Product-gradiogradio
CWE ID-CWE-522
Insufficiently Protected Credentials
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-10210
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.54% / 72.20%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 22:10
Updated-04 Aug, 2024 | 10:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through SSH.

Action-Not Available
Vendor-aminon/a
Product-kami7b_firmwareak45xak45x_firmwareak65xak5xx_firmwarearia7xxaria6xxaria6xx_firmwareak65x_firmwareak5xxaria7xx_firmwarekami7bn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-22144
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.83% / 53.40%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:11
Updated-15 Apr, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-15321
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.24% / 65.80%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 15:20
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-cloudcnm_secumanagern/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-15833
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.65% / 73.87%
||
7 Day CHG~0.00%
Published-01 Feb, 2021 | 01:39
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The Dropbear SSH daemon has been modified to accept an alternate hard-coded path to a public key that allows root access. This key is stored in a /rom location that cannot be modified by the device owner.

Action-Not Available
Vendor-mofinetworkn/a
Product-mofi4500-4gxelte_firmwaremofi4500-4gxelten/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-15323
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.24% / 65.80%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 15:26
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-cloudcnm_secumanagern/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-15322
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.24% / 65.80%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 15:23
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-cloudcnm_secumanagern/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-56157
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.83% / 53.32%
||
7 Day CHG+0.03%
Published-18 Dec, 2025 | 00:00
Updated-05 Jul, 2026 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Default credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file included in its source code. NOTE: the Supplier reports that the Docker configuration does not make PostgreSQL (on TCP port 5432) exposed by default in version 1.0.1 or later.

Action-Not Available
Vendor-langgeniusn/a
Product-difyn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-13963
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.81% / 76.21%
||
7 Day CHG~0.00%
Published-21 Mar, 2021 | 20:57
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code, and there is no key for publicsp (which is a guest account).

Action-Not Available
Vendor-soplanningn/a
Product-soplanningn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-57601
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 32.04%
||
7 Day CHG~0.00%
Published-22 Sep, 2025 | 00:00
Updated-23 Sep, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AiKaan Cloud Controller uses a single hardcoded SSH private key and the username `proxyuser` for remote terminal access to all managed IoT/edge devices. When an administrator initiates "Open Remote Terminal" from the AiKaan dashboard, the controller sends this same static private key to the target device. The device then uses it to establish a reverse SSH tunnel to a remote access server, enabling browser-based SSH access for the administrator. Because the same `proxyuser` account and SSH key are reused across all customer environments: - An attacker who obtains the key (e.g., by intercepting it in transit, extracting it from the remote access server, or from a compromised admin account) can impersonate any managed device. - They can establish unauthorized reverse SSH tunnels and interact with devices without the owner's consent. This is a design flaw in the authentication model: compromise of a single key compromises the trust boundary between the controller and devices.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-57602
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.49% / 39.15%
||
7 Day CHG~0.00%
Published-22 Sep, 2025 | 00:00
Updated-23 Sep, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient hardening of the proxyuser account in the AiKaan IoT management platform, combined with the use of a shared, hardcoded SSH private key, allows remote attackers to authenticate to the cloud controller, gain interactive shell access, and pivot into other connected IoT devices. This can lead to remote code execution, information disclosure, and privilege escalation across customer environments.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-12627
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.37% / 68.79%
||
7 Day CHG~0.00%
Published-04 May, 2020 | 02:16
Updated-19 Nov, 2024 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key.

Action-Not Available
Vendor-janeczkun/a
Product-calibre-webn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-54947
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-0.46% / 36.78%
||
7 Day CHG~0.00%
Published-12 Dec, 2025 | 15:11
Updated-15 Dec, 2025 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache StreamPark: Use hard-coded key vulnerability

In Apache StreamPark versions 2.0.0 through 2.1.7, a security vulnerability involving a hard-coded encryption key exists. This vulnerability occurs because the system uses a fixed, immutable key for encryption instead of dynamically generating or securely configuring the key. Attackers may obtain this key through reverse engineering or code analysis, potentially decrypting sensitive data or forging encrypted information, leading to information disclosure or unauthorized system access. This issue affects Apache StreamPark: from 2.0.0 before 2.1.7. Users are recommended to upgrade to version 2.1.7, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-streamparkApache StreamPark
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2016-8567
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.82% / 76.34%
||
7 Day CHG~0.00%
Published-13 Feb, 2017 | 21:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_pas\/pqsSiemens SICAM PAS before 8.00
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-13804
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.61% / 73.21%
||
7 Day CHG~0.00%
Published-04 Jun, 2020 | 14:38
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin.

Action-Not Available
Vendor-n/aFoxit Software Incorporated
Product-phantompdfreadern/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-13858
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.40% / 69.39%
||
7 Day CHG~0.00%
Published-01 Feb, 2021 | 01:45
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They contain two undocumented administrator accounts. The sftp and mofidev accounts are defined in /etc/passwd and the password is not unique across installations.

Action-Not Available
Vendor-mofinetworkn/a
Product-mofi4500-4gxelte_firmwaremofi4500-4gxelten/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-54455
Matching Score-4
Assigner-Samsung TV & Appliance
ShareView Details
Matching Score-4
Assigner-Samsung TV & Appliance
CVSS Score-9.1||CRITICAL
EPSS-0.55% / 42.55%
||
7 Day CHG~0.00%
Published-23 Jul, 2025 | 05:27
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-magicinfo_9_serverMagicINFO 9 Server
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-54454
Matching Score-4
Assigner-Samsung TV & Appliance
ShareView Details
Matching Score-4
Assigner-Samsung TV & Appliance
CVSS Score-9.1||CRITICAL
EPSS-0.54% / 41.95%
||
7 Day CHG~0.00%
Published-23 Jul, 2025 | 05:26
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-magicinfo_9_serverMagicINFO 9 Server
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-13793
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.69% / 74.48%
||
7 Day CHG~0.00%
Published-06 Aug, 2020 | 18:56
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a static, hard-coded encryption key.

Action-Not Available
Vendor-n/aIvanti Software
Product-dsm_netinstn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-12045
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.66% / 74.08%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 13:43
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when used in conjunction with a Baxter Spectrum v8.x (model 35700BAX2), operates a Telnet service on Port 1023 with hard-coded credentials.

Action-Not Available
Vendor-n/aBaxter International, Inc.
Product-sigma_spectrum_infusion_system_firmwaresigma_spectrum_infusion_systemwireless_battery_moduleBaxter Sigma Spectrum Infusion Pumps
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-11854
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-74.23% / 99.43%
||
7 Day CHG~0.00%
Published-27 Oct, 2020 | 16:29
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) products.

Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution.

Action-Not Available
Vendor-Micro FocusMicro Focus International Limited
Product-application_performance_managementoperations_bridge_manageroperations_bridgeuniversal_cmdbOperation Bridge ManagerOperation Bridge (containerized)Application Performance Management
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-11951
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.65% / 73.95%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:00
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. There is a Backdoor root account.

Action-Not Available
Vendor-rittaln/a
Product-cmciii-pu-9333e0fb_firmwarepdu-3c002dec_firmwareiot_interface_3124.300lcp-cw_firmwarecmc_iii_pu_7030.000_firmwarecmciii-pu-9333e0fbpdu-3c002declcp-cwcmc_iii_pu_7030.000n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-11857
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-15.78% / 96.50%
||
7 Day CHG~0.00%
Published-22 Sep, 2020 | 14:00
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user

Action-Not Available
Vendor-n/aMicro Focus International Limited
Product-operation_bridge_reporterOperation Bridge Reporter.
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-10276
Matching Score-4
Assigner-Alias Robotics S.L.
ShareView Details
Matching Score-4
Assigner-Alias Robotics S.L.
CVSS Score-9.8||CRITICAL
EPSS-1.50% / 71.38%
||
7 Day CHG~0.00%
Published-24 Jun, 2020 | 04:50
Updated-16 Sep, 2024 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RVD#2558: Default credentials on SICK PLC allows disabling safety features

The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the laser scanner are not affected (thus it is hard to detect before something happens) though the laser scanner configuration can also be affected altering further the safety of the device.

Action-Not Available
Vendor-mobile-industrial-robotsuvd-robotseasyroboticsMobile Industrial Robots A/S
Product-er200mir250_firmwareer200_firmwareer-flex_firmwaremir500mir100_firmwareer-oneer-lite_firmwaremir1000_firmwareuvd_firmwaremir500_firmwaremir200_firmwareer-liteer-flexuvder-one_firmwaremir100mir200mir1000mir250MiR100
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-35987
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.75% / 50.92%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 22:58
Updated-13 Nov, 2024 | 21:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PiiGAB M-Bus Use of Hard-coded Credentials

PiiGAB M-Bus contains hard-coded credentials which it uses for authentication.

Action-Not Available
Vendor-piigabPiiGABpiigab
Product-m-bus_900sm-bus_900s_firmwareM-Bus SoftwarePackm-bus_900s
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2016-8717
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-2.33% / 81.62%
||
7 Day CHG~0.00%
Published-02 Apr, 2018 | 17:00
Updated-16 Sep, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving attackers full control of affected devices.

Action-Not Available
Vendor-Moxa Inc.Talos (Cisco Systems, Inc.)
Product-awk-3131aawk-3131a_firmwareMoxa
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-10269
Matching Score-4
Assigner-Alias Robotics S.L.
ShareView Details
Matching Score-4
Assigner-Alias Robotics S.L.
CVSS Score-9.8||CRITICAL
EPSS-1.37% / 68.93%
||
7 Day CHG~0.00%
Published-24 Jun, 2020 | 05:05
Updated-17 Sep, 2024 | 03:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RVD#2566: Hardcoded Credentials on MiRX00 wireless Access Point

One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet vehicles comes pre-configured in WiFi Master (Access Point) mode. Credentials to such wireless Access Point default to well known and widely spread SSID (MiR_RXXXX) and passwords (omitted). This information is also available in past User Guides and manuals which the vendor distributed. We have confirmed this flaw in MiR100 and MiR200 but it might also apply to MiR250, MiR500 and MiR1000.

Action-Not Available
Vendor-aliasroboticsenabled-roboticsmobile-industrial-roboticsuvd-robotsMobile Industrial Robots A/S
Product-er200mir250_firmwareer200_firmwareer-flex_firmwaremir500mir200mir100_firmwareuvd_robots_firmwareer-oneer-lite_firmwaremir1000_firmwaremir500_firmwareer-liteer-flexer-one_firmwareuvd_robotsmir100mir200_firmwaremir1000mir250MiR100
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-10988
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.83% / 85.02%
||
7 Day CHG~0.00%
Published-13 Jul, 2020 | 18:01
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac15_firmwareac15n/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-29268
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.55% / 93.84%
||
7 Day CHG~0.00%
Published-04 Dec, 2025 | 00:00
Updated-05 Jul, 2026 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.

Action-Not Available
Vendor-n/aALLNET GmbH
Product-all-rut22gwall-rut22gw_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-10270
Matching Score-4
Assigner-Alias Robotics S.L.
ShareView Details
Matching Score-4
Assigner-Alias Robotics S.L.
CVSS Score-9.8||CRITICAL
EPSS-1.66% / 73.97%
||
7 Day CHG~0.00%
Published-24 Jun, 2020 | 04:50
Updated-17 Sep, 2024 | 02:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RVD#2557: Hardcoded Credentials on MiRX00 Control Dashboard

Out of the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it's possible to access the Control Dashboard on a hardcoded IP address. Credentials to such wireless interface default to well known and widely spread users (omitted) and passwords (omitted). This information is also available in past User Guides and manuals which the vendor distributed. This flaw allows cyber attackers to take control of the robot remotely and make use of the default user interfaces MiR has created, lowering the complexity of attacks and making them available to entry-level attackers. More elaborated attacks can also be established by clearing authentication and sending network requests directly. We have confirmed this flaw in MiR100 and MiR200 but according to the vendor, it might also apply to MiR250, MiR500 and MiR1000.

Action-Not Available
Vendor-aliasroboticsenabled-roboticsmobile-industrial-roboticsuvd-robotsMobile Industrial Robots A/S
Product-er200mir250_firmwareer200_firmwareer-flex_firmwaremir500mir100_firmwareuvd_robots_firmwareer-oneer-lite_firmwaremir1000_firmwaremir500_firmwaremir200_firmwareer-liteer-flexer-one_firmwareuvd_robotsmir100mir200mir1000mir250MiR100
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-33836
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.44% / 35.82%
||
7 Day CHG~0.00%
Published-16 Oct, 2023 | 00:26
Updated-16 Sep, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Security Verify Governance information disclosure

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 256016.

Action-Not Available
Vendor-IBM Corporation
Product-security_verify_governanceSecurity Verify Governance
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-33744
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.83% / 53.41%
||
7 Day CHG~0.00%
Published-27 Jul, 2023 | 00:00
Updated-23 Oct, 2024 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN): 385521, 843646, and 592671.

Action-Not Available
Vendor-teleadaptn/ateleadapt
Product-roomcast_ta-2400roomcast_ta-2400_firmwaren/aroomcast_ta-2400
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-33778
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.60% / 44.72%
||
7 Day CHG~0.00%
Published-01 Jun, 2023 | 00:00
Updated-09 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website.

Action-Not Available
Vendor-n/aDrayTek Corp.
Product-vigor2620lnvigor2915acvigorswitch_fx2120vigor2927vac_firmwarevigor2865acvigor2927l_firmwarevigor165vigor2865ac_firmwarevigorap_918rvigorap_912cvigor2766vacvigor2766ax_firmwarevigor2862bn_firmwarevigorswitch_pq2200xb_firmwarevigor2862l_firmwarevigorap_912c_firmwarevigorswitch_p2100vigor2862lvigor2927acvigor2862lnvigor166_firmwarevigor2765vac_firmwarevigor2862ln_firmwarevigor2862lacvigor166vigorap_918r_firmwarevigor2927lac_firmwarevigor2926_plusvigor3910vigor2865lvigor2927lvigorswitch_g1282_firmwarevigor2865vac_firmwarevigor2620ln_firmwarevigorap_906vigor2135vacvigor2865vacvigor2766axvigorswitch_g2121vigor2832n_firmwarevigor2620lvigor2862b_firmwarevigor2862n_firmwarevigor2927f_firmwarevigor2862ac_firmwarevigor2866ax_firmwarevigorswitch_g2540xsvigor1000b_firmwarevigor2865lac_firmwarevigor2866l_firmwarevigor2866lvigor2927fvigorswitch_g1080vigorswitch_g1080_firmwarevigor2926_plus_firmwarevigorswitch_p2100_firmwarevigorswitch_p2540xsvigor2766vac_firmwarevigor2862vacvigor2862nvigor2862bvigorswitch_p2280xvigorswitch_q2121xvigorswitch_g2280x_firmwarevigorswitch_p1282_firmwarevigor167vigorap_1000c_firmwarevigor2135vac_firmwarevigor2765ax_firmwarevigor2765vacvigorswitch_q2200xvigorap_906_firmwarevigor2135ax_firmwarevigorap_903_firmwarevigor2763ac_firmwarevigor2927vacvigor2866acvigorswitch_pq2121xvigorswitch_p2540xs_firmwarevigorap_1060cmyvigorvigor2927ac_firmwarevigor2962vigor2765axvigorswitch_g2100_firmwarevigorswitch_q2121x_firmwarevigorlte_200n_firmwarevigorap_903vigor2765acvigor2765ac_firmwarevigor2927axvigor2862lac_firmwarevigor2865l_firmwarevigorswitch_p1282vigorswitch_g1085_firmwarevigor2866ac_firmwarevigor2135acvigor2862acvigor2915ac_firmwarevigor2865ax_firmwarevigor2135fvacvigorswitch_p2280x_firmwarevigor2862bnvigor2763acvigor2865axvigor2866vac_firmwarevigor2866lac_firmwarevigorswitch_g2121_firmwarevigor2927lacvigorswitch_g2280xvigor2927ax_firmwarevigorswitch_pq2200xbvigor1000bvigor2866axvigor2866lacvigor167_firmwarevigor3910_firmwarevigor165_firmwarevigorswitch_q2200x_firmwarevigor2832nvigorswitch_g2540xs_firmwarevigor2766ac_firmwarevigorap_1060c_firmwarevigorswitch_g1282vigor2866vacvigorswitch_g2100vigorswitch_pq2121x_firmwarevigorswitch_g1085vigorswitch_fx2120_firmwarevigor130_firmwarevigor2766acvigor2620l_firmwarevigor2135ac_firmwarevigor2865lacvigor2962_firmwarevigorap_1000cvigor2862vac_firmwarevigorap_960cvigor2135axvigor130vigorap_960c_firmwarevigorlte_200nvigor2135fvac_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-32227
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-9.8||CRITICAL
EPSS-0.62% / 45.51%
||
7 Day CHG~0.00%
Published-30 Jul, 2023 | 08:03
Updated-21 Oct, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials

Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials

Action-Not Available
Vendor-synelSynel
Product-synergy\/asynergy\/a_firmwareSYnergy Fingerprint Terminals
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-28388
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 39.95%
||
7 Day CHG~0.00%
Published-13 Jun, 2025 | 00:00
Updated-27 Oct, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenC3 COSMOS before v6.0.2 was discovered to contain hardcoded credentials for the Service Account.

Action-Not Available
Vendor-openc3n/a
Product-cosmosn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-3264
Matching Score-4
Assigner-Trellix
ShareView Details
Matching Score-4
Assigner-Trellix
CVSS Score-6.7||MEDIUM
EPSS-0.47% / 37.59%
||
7 Day CHG~0.00%
Published-14 Aug, 2023 | 04:05
Updated-09 Oct, 2024 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records.

Action-Not Available
Vendor-Cyber Power Systems, Inc.Dataprobe, Inc.
Product-iboot-pdu8sa-2n15_firmwareiboot-pdu4sa-n15iboot-pdu8a-2c20iboot-pdu4-n20iboot-pdu4sa-c20iboot-pdu4-c20iboot-pdu8a-2c10_firmwareiboot-pdu8a-c20iboot-pdu4sa-n20_firmwareiboot-pdu8sa-2n15iboot-pdu4sa-n15_firmwareiboot-pdu4-n20_firmwareiboot-pdu8a-2c10iboot-pdu8sa-c10iboot-pdu8a-c10iboot-pdu8a-2c20_firmwareiboot-pdu8sa-n15iboot-pdu4-c20_firmwarepowerpanel_serveriboot-pdu4a-n15iboot-pdu4a-n20_firmwareiboot-pdu4sa-c20_firmwareiboot-pdu4sa-n20iboot-pdu8a-2n15iboot-pdu8a-c20_firmwareiboot-pdu8a-n20iboot-pdu4a-c20_firmwareiboot-pdu4sa-c10_firmwareiboot-pdu8sa-n20iboot-pdu8a-c10_firmwareiboot-pdu4a-n20iboot-pdu4a-c20iboot-pdu8a-2n15_firmwareiboot-pdu8sa-n20_firmwareiboot-pdu4a-c10iboot-pdu4a-c10_firmwareiboot-pdu8a-2n20iboot-pdu4a-n15_firmwareiboot-pdu8a-n15_firmwareiboot-pdu8a-n20_firmwareiboot-pdu8sa-n15_firmwareiboot-pdu8a-2n20_firmwareiboot-pdu4sa-c10iboot-pdu8sa-c10_firmwareiboot-pdu8a-n15iBoot PDU
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-33236
Matching Score-4
Assigner-Moxa Inc.
ShareView Details
Matching Score-4
Assigner-Moxa Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 58.10%
||
7 Day CHG~0.00%
Published-22 May, 2023 | 06:40
Updated-21 Jan, 2025 | 21:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MXsecurity Hardcoded Credential Vulnerability

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authentication for web-based APIs.

Action-Not Available
Vendor-Moxa Inc.
Product-mxsecurityMXsecurity Series
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-6698
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.52% / 71.74%
||
7 Day CHG~0.00%
Published-23 Aug, 2019 | 19:58
Updated-25 Oct, 2024 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.

Action-Not Available
Vendor-n/aFortinet, Inc.
Product-fortirecorder_200dfortirecorder_firmwarefortirecorder_100dfortirecorder_400dFortinet FortiRecorder
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-47796
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.51% / 39.83%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 23:25
Updated-07 Apr, 2026 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)

Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential vulnerability that allows unauthenticated attackers to access a Linux shell. Attackers can connect to port 23 using the default credential to execute arbitrary commands on the camera's operating system.

Action-Not Available
Vendor-Denver
Product-Smart Wifi Camera
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-52376
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.14% / 94.75%
||
7 Day CHG~0.00%
Published-15 Jul, 2025 | 00:00
Updated-15 Jul, 2025 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below, allowing an attacker to remotely enable the Telnet service without authentication, bypassing security controls. The Telnet server is then accessible with hard-coded credentials, allowing attackers to gain administrative shell access and execute arbitrary commands on the device.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-6548
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.28% / 66.74%
||
7 Day CHG~0.00%
Published-09 May, 2019 | 14:28
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.

Action-Not Available
Vendor-gen/a
Product-ge_communicatorGE Communicator
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-31579
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.68% / 48.32%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 00:00
Updated-17 Sep, 2024 | 13:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token.

Action-Not Available
Vendor-tangyhn/a
Product-lamp-cloudn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-7261
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.47% / 91.86%
||
7 Day CHG~0.00%
Published-02 Jul, 2019 | 17:03
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linear eMerge E3-Series devices have Hard-coded Credentials.

Action-Not Available
Vendor-nortekcontroln/a
Product-linear_emerge_essential_firmwarelinear_emerge_elitelinear_emerge_elite_firmwarelinear_emerge_essentialn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-7265
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-23.12% / 97.51%
||
7 Day CHG~0.00%
Published-02 Jul, 2019 | 16:49
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH).

Action-Not Available
Vendor-nortekcontroln/a
Product-linear_emerge_essential_firmwarelinear_emerge_elitelinear_emerge_elite_firmwarelinear_emerge_essentialn/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-30801
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.8||CRITICAL
EPSS-0.91% / 55.94%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 13:46
Updated-21 Nov, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
qBittorrent Web UI Default Credentials Lead to RCE

All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and execute arbitrary operating system commands using the "external program" feature in the web user interface. This was reportedly exploited in the wild in March 2023.

Action-Not Available
Vendor-qbittorrentqBittorrent
Product-qbittorrentqBittorrent client
CWE ID-CWE-1392
Use of Default Credentials
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-5622
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.10% / 62.00%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 22:15
Updated-16 Sep, 2024 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Accellion File Transfer Appliance Use of Hard-coded Credentials

Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials.

Action-Not Available
Vendor-Accellion (Kiteworks USA, LLC)
Product-file_transfer_applianceFile Transfer Appliance
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-30354
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 36.03%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 00:00
Updated-27 Jan, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-cp3_firmwarecp3n/a
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-25329
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.69% / 84.18%
||
7 Day CHG+0.04%
Published-24 Feb, 2022 | 02:45
Updated-03 Aug, 2024 | 04:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-windowsserverprotect_for_network_appliance_filerserverprotect_for_storageserverprotectTrend Micro ServerProtect for Network Appliance FilersTrend Micro ServerProtect for EMC CelerraTrend Micro ServerProtect for Microsoft Windows / Novell NetWareTrend Micro ServerProtect for Storage
CWE ID-CWE-798
Use of Hard-coded Credentials
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 11
  • 12
  • Next
Details not found