CWE-798
Use of Hard-coded Credentials
Description
The product contains hard-coded credentials, such as a password or cryptographic key.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-191 · CAPEC-70
CVEs mapped to this weakness (556)
page 11 of 28

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-6530 | | Cri | 0.64 | 9.8 | 0.03 | | Sep 21, 2016 | Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords. |
| CVE-2016-6535 | | Cri | 0.64 | 9.8 | 0.02 | | Sep 19, 2016 | AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session. |
| CVE-2016-5333 | | Cri | 0.64 | 9.8 | 0.03 | | Aug 31, 2016 | VMware Photon OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key. |
| CVE-2016-5081 | | Cri | 0.64 | 9.8 | 0.03 | | Aug 24, 2016 | ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session. |
| CVE-2016-2310 | | Cri | 0.64 | 9.8 | 0.03 | | Jun 9, 2016 | General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web… |
| CVE-2008-0961 | | Cri | 0.64 | 9.8 | 0.05 | | Apr 14, 2008 | EMC DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypass authentication via the RPC interface. |
| CVE-2005-0496 | | Cri | 0.64 | 9.8 | 0.03 | | Feb 21, 2005 | Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands. |
| CVE-2018-11311 | | Cri | 0.63 | 9.1 | 0.16 | | May 20, 2018 | A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials. |
| CVE-2026-47281 | | Cri | 0.62 | 9.6 | 0.01 | | Jun 9, 2026 | Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. |
| CVE-2025-3621 | | Cri | 0.62 | 9.6 | 0.01 | | Jul 15, 2025 | Vulnerabilities* in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems. * vulnerabilities: * Improper Neutralization of Special Elements used in a Command ('Command Injection') * Use of Hard-coded… |
| CVE-2024-27107 | | Cri | 0.62 | 9.6 | 0.00 | | May 14, 2024 | Weak account password in GE HealthCare EchoPAC products |
| CVE-2025-9696 | | Cri | 0.61 | — | 0.00 | | Sep 2, 2025 | The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This… |
| CVE-2025-3321 | — | Cri | 0.61 | — | 0.00 | | Jun 6, 2025 | A predefined administrative account is not documented and cannot be deactivated. This account cannot be misused from the network, only by local users on the server. |
| CVE-2018-5399 | | Cri | 0.61 | 9.4 | 0.02 | | Oct 8, 2018 | The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. The server is configured… |
| CVE-2026-5189 | | Cri | 0.60 | — | 0.00 | | Apr 15, 2026 | CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process… |
| CVE-2025-59091 | | Cri | 0.60 | — | 0.01 | | Jan 26, 2026 | Multiple hardcoded credentials have been identified, which are allowed to sign in to the exos 9300 datapoint server running on ports 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used… |
| CVE-2025-7072 | | Cri | 0.60 | — | 0.01 | | Jan 9, 2026 | The firmware in KAON CG3000TC and CG3000T routers contains hard-coded credentials in clear text (shared across all routers of this model) that an unauthenticated remote attacker could use to execute commands with root privileges. This vulnerability has been fixed in firmware… |
| CVE-2025-13954 | | Cri | 0.60 | — | 0.00 | | Dec 10, 2025 | Hard-coded cryptographic keys in the Admin UI of EZCast Pro II before version 1.17478.177 allow attackers to bypass authorization checks and gain full access to the admin UI. |
| CVE-2018-25126 | | Cri | 0.60 | — | 0.04 | | Nov 24, 2025 | Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR/IPC products) contains hardcoded API credentials and an OS command injection flaw in its configuration services. The web/API interface accepts HTTP/XML requests authenticated with a… |
| CVE-2025-7768 | | Cri | 0.60 | — | 0.01 | | Aug 6, 2025 | Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow unauthorized users to gain administrative access. This vulnerability enables attackers to escalate privileges and take full control of the device, potentially modifying system settings,… |