CWE-798
Use of Hard-coded Credentials
Description
The product contains hard-coded credentials, such as a password or cryptographic key.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-191 · CAPEC-70
CVEs mapped to this weakness (556)
page 10 of 28| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-2887 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | iBaby M3S has a password of admin for the backdoor admin account. | ||
| CVE-2015-2885 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account. | ||
| CVE-2015-2882 | Cri | 0.64 | 9.8 | 0.02 | Apr 10, 2017 | Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a password of M100-4674448… | ||
| CVE-2015-2881 | Cri | 0.64 | 9.8 | 0.02 | Apr 10, 2017 | Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account. | ||
| CVE-2017-7576 | Cri | 0.64 | 9.8 | 0.01 | Apr 6, 2017 | DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. These credentials can be used in the web interface or by connecting to the device via TELNET.… | ||
| CVE-2017-7574 | Cri | 0.64 | 9.8 | 0.01 | Apr 6, 2017 | Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a… | ||
| CVE-2016-10308 | Cri | 0.64 | 9.8 | 0.03 | Mar 30, 2017 | Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded… | ||
| CVE-2016-10307 | Cri | 0.64 | 9.8 | 0.02 | Mar 30, 2017 | Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but the cleartext value is perhaps not yet public). This account is accessible via… | ||
| CVE-2016-10306 | Cri | 0.64 | 9.8 | 0.03 | Mar 30, 2017 | Trango Altum AC600 devices have a built-in, hidden root account, with a default password of abcd1234. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it. | ||
| CVE-2016-10305 | Cri | 0.64 | 9.8 | 0.02 | Mar 30, 2017 | Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once… | ||
| CVE-2016-8567 | Cri | 0.64 | 9.8 | 0.02 | Feb 13, 2017 | An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP. | ||
| CVE-2016-5818 | Cri | 0.64 | 9.8 | 0.02 | Feb 13, 2017 | An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device. | ||
| CVE-2016-8954 | Cri | 0.64 | 9.8 | 0.02 | Feb 8, 2017 | IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. | ||
| CVE-2017-5600 | Cri | 0.64 | 9.8 | 0.02 | Feb 2, 2017 | The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to obtain administrative access by leveraging a default privileged account. | ||
| CVE-2016-10177 | Cri | 0.64 | 9.8 | 0.07 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234. | ||
| CVE-2015-2867 | Cri | 0.64 | 9.8 | 0.05 | Jan 6, 2017 | A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system. | ||
| CVE-2016-10115 | Cri | 0.64 | 9.8 | 0.05 | Jan 4, 2017 | NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access… | ||
| CVE-2016-6829 | Cri | 0.64 | 9.8 | 0.02 | Dec 9, 2016 | The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp (aka barclamp-trove and crowbar-barclamp-trove) in the Crowbar Framework has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors. | ||
| CVE-2016-7560 | Cri | 0.64 | 9.8 | 0.03 | Oct 5, 2016 | The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote attackers to read or write to arbitrary files via unspecified vectors. | ||
| CVE-2016-6532 | Cri | 0.64 | 9.8 | 0.03 | Sep 24, 2016 | DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers to obtain administrative access by entering this password in a DEXIS_DATA SQL Server session. |
- risk 0.64cvss 9.8epss 0.01
iBaby M3S has a password of admin for the backdoor admin account.
- risk 0.64cvss 9.8epss 0.01
Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.
- risk 0.64cvss 9.8epss 0.02
Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a password of M100-4674448…
- risk 0.64cvss 9.8epss 0.02
Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account.
- risk 0.64cvss 9.8epss 0.01
DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. These credentials can be used in the web interface or by connecting to the device via TELNET.…
- risk 0.64cvss 9.8epss 0.01
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a…
- risk 0.64cvss 9.8epss 0.03
Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded…
- risk 0.64cvss 9.8epss 0.02
Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but the cleartext value is perhaps not yet public). This account is accessible via…
- risk 0.64cvss 9.8epss 0.03
Trango Altum AC600 devices have a built-in, hidden root account, with a default password of abcd1234. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it.
- risk 0.64cvss 9.8epss 0.02
Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device.
- risk 0.64cvss 9.8epss 0.02
IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database.
- risk 0.64cvss 9.8epss 0.02
The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to obtain administrative access by leveraging a default privileged account.
- risk 0.64cvss 9.8epss 0.07
An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234.
- risk 0.64cvss 9.8epss 0.05
A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system.
- risk 0.64cvss 9.8epss 0.05
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access…
- risk 0.64cvss 9.8epss 0.02
The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp (aka barclamp-trove and crowbar-barclamp-trove) in the Crowbar Framework has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors.
- risk 0.64cvss 9.8epss 0.03
The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote attackers to read or write to arbitrary files via unspecified vectors.
- risk 0.64cvss 9.8epss 0.03
DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers to obtain administrative access by entering this password in a DEXIS_DATA SQL Server session.