CWE-1392
Use of Default Credentials
Description
The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.
Hierarchy (View 1000)
CVEs mapped to this weakness (57)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-54756 | | High | 0.55 | 8.4 | 0.00 | | Feb 12, 2026 | BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 use a default password that is guessable with knowledge of the device information. The latest release fixes this issue for new installations; users of old installations are… |
| CVE-2024-12902 | | High | 0.55 | 8.4 | 0.00 | | Dec 23, 2024 | ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine. The underlying Windows OS of the product contains high-privilege service accounts. If these accounts use default passwords, attackers could remotely log in to the virtual machine… |
| CVE-2026-42941 | | High | 0.54 | 8.3 | 0.00 | | May 29, 2026 | The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change. |
| CVE-2024-4622 | | High | 0.54 | — | 0.00 | | May 15, 2024 | If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface protected by authentication. If the default credentials are not changed, an attacker can use public knowledge to access the device as an administrator. |
| CVE-2026-1803 | | High | 0.53 | 8.1 | 0.01 | | Feb 3, 2026 | A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear SSH Service. This manipulation causes use of default credentials. Remote exploitation of the attack is possible. The complexity of an attack is rather high.… |
| CVE-2025-10678 | | Critical | 0.53 | — | 0.00 | | Oct 20, 2025 | NetBird VPN when installed using vendor's provided script failed to remove or change default password of an admin account created by ZITADEL. This issue affects instances installed using vendor's provided script. This issue may affect instances created with Docker if the default… |
| CVE-2025-5124 | | High | 0.53 | 8.1 | 0.01 | | May 24, 2025 | A vulnerability classified as critical has been found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC-RZ30N, SNC-DS10, SNC-CS3N and SNC-RX570N up to 1.30. This affects an unknown part of the component Administrative Interface. The manipulation leads to use of default credentials. It is… |
| CVE-2024-10476 | | High | 0.52 | 8.0 | 0.00 | | Dec 17, 2024 | Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited, threat actors may be able to access, modify or delete data, including sensitive information such as protected health information (PHI) and personally identifiable information (PII).… |
| CVE-2026-50005 | | High | 0.50 | 7.7 | 0.00 | | Jun 11, 2026 | Brickcom cameras ship with default credentials that allow any unauthenticated remote attacker to silently access camera feeds. |
| CVE-2020-36915 | | High | 0.49 | 7.5 | 0.00 | | Jan 6, 2026 | Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands… |
| CVE-2024-13893 | | High | 0.49 | — | 0.00 | | Mar 6, 2025 | Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, might share same credentials for telnet service. Hash of the password can be retrieved through physical access to SPI connected memory. For the telnet service to… |
| CVE-2024-12013 | | High | 0.49 | 7.6 | 0.00 | | Feb 13, 2025 | A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could… |
| CVE-2024-54015 | | High | 0.49 | 7.5 | 0.01 | | Feb 11, 2025 | A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.90), SIPROTEC 5 6MD85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD86 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD89 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD89… |
| CVE-2024-6245 | | High | 0.48 | 7.4 | 0.00 | | Oct 28, 2024 | Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords. The issue was detected on a 2022 Maruti Suzuki Brezza in India Market. This issue affects SmartPlay:… |
| CVE-2024-27158 | | High | 0.48 | 7.4 | 0.00 | | Jun 14, 2024 | All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL. |
| CVE-2024-31069 | | High | 0.48 | 7.4 | 0.00 | | Apr 12, 2024 | IO-1020 Micro ELD web server uses a default password for authentication. |
| CVE-2024-30210 | | High | 0.48 | 7.4 | 0.00 | | Apr 12, 2024 | IO-1020 Micro ELD uses a default WIFI password that could allow an adjacent attacker to connect to the device. |
| CVE-2025-11943 | | High | 0.47 | 7.3 | 0.01 | | Oct 19, 2025 | A vulnerability has been found in 70mai X200 up to 20251010. Affected by this vulnerability is an unknown functionality of the component HTTP Web Server. The manipulation leads to use of default credentials. The attack can be initiated remotely. The exploit has been disclosed to… |
| CVE-2025-2398 | | High | 0.47 | 7.2 | 0.01 | | Mar 17, 2025 | A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been rated as critical. This issue affects some unknown processing of the component CLI su Command Handler. The manipulation leads to use of… |
| CVE-2024-46899 | | High | 0.46 | 7.1 | 0.00 | | Apr 22, 2025 | Hitachi Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF contains an authentication credentials leakage vulnerability. This issue affects Hitachi Ops Center Common Services: from 10.0.0-00 before 11.0.0-04; Hitachi Ops Center Analyzer viewpoint OVF:… |