VYPR

CWE-798

Use of Hard-coded Credentials

Base · Draft · Likelihood: High

Description

The product contains hard-coded credentials, such as a password or cryptographic key.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-191 · CAPEC-70

CVEs mapped to this weakness (556)

page 12 of 28
  • CVE-2025-4041 · Critical · May 6, 2025
    risk 0.60 · cvss · epss 0.01

    In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions.

  • CVE-2024-48971 · Critical · Nov 14, 2024
    risk 0.60 · cvss 9.3 · epss 0.00

    The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in plaintext form. This could allow an attacker to obtain the password off the ventilator and use it to gain unauthorized access to the device, with clinician privileges.

  • CVE-2023-6198 · Critical · Jun 25, 2024
    risk 0.60 · cvss 9.3 · epss 0.00

    Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User Passwords modules) allows unauthorized access to the device.

  • CVE-2026-50083 · Critical · Jun 12, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    The Aqara IAM/SSO Gateway (gw-builder.aqara.com) used a hardcoded OAuth client credential, which is an instance of "CWE-798: Use of Hard-coded Credentials." This issue has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N (9.1 Critical). When combined with…

  • CVE-2023-27573 · Critical · Mar 11, 2026
    risk 0.59 · cvss 9.0 · epss 0.00

    netbox-docker before 2.5.0 has a superuser account with default credentials (admin password for the admin account, and 0123456789abcdef0123456789abcdef01234567 value for SUPERUSER_API_TOKEN). In practice on the public Internet, almost all users changed the password but only…

  • CVE-2025-1242 · Critical · Feb 25, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected…

  • CVE-2024-36556 · Critical · Feb 6, 2025
    risk 0.59 · cvss 9.1 · epss 0.00

    Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever KidsWatch Call Me 2 KW60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b have a Hardcoded password vulnerability.

  • CVE-2024-57811 · Critical · Jan 13, 2025
    risk 0.59 · cvss 9.1 · epss 0.00

    In Eaton X303 3.5.16 - X303 3.5.17 Build 712, an attacker with network access to an XC-303 PLC can login as root over SSH. The root password is hardcoded in the firmware. NOTE: This vulnerability appears in versions that are no longer supported by Eaton.

  • CVE-2024-46505 · Critical · Jan 9, 2025
    risk 0.59 · cvss 9.1 · epss 0.00

    Infoblox BloxOne v2.4 was discovered to contain a business logic flaw due to thick client vulnerabilities.

  • CVE-2024-36248 · Critical · Nov 26, 2024
    risk 0.59 · cvss 9.1 · epss 0.01

    API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

  • CVE-2024-35244 · Critical · Nov 26, 2024
    risk 0.59 · cvss 9.1 · epss 0.01

    There are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords (e.g., by examining the coredump), these accounts can be used to re-configure the device. As for the details of affected product names, model…

  • CVE-2024-10025 · Critical · Oct 17, 2024
    risk 0.59 · cvss 9.1 · epss 0.01

    A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an “Authorized Client” if the customer has not changed the…

  • CVE-2024-28751 · Critical · Jul 9, 2024
    risk 0.59 · cvss 9.1 · epss 0.01

    A high-privileged remote attacker can enable telnet access that accepts hardcoded credentials.

  • CVE-2017-9656 · Critical · Apr 24, 2018
    risk 0.59 · cvss 9.1 · epss 0.02

    The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this…

  • CVE-2018-5551 · Critical · Mar 19, 2018
    risk 0.59 · cvss 9.0 · epss 0.02

    Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa.

  • CVE-2017-11694 · Critical · Jul 28, 2017
    risk 0.59 · cvss 9.1 · epss 0.01

    MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with Apache Solr may be able to obtain or modify sensitive patient and…

  • CVE-2017-11693 · Critical · Jul 28, 2017
    risk 0.59 · cvss 9.1 · epss 0.01

    MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and…

  • CVE-2016-8491 · Critical · Feb 1, 2017
    risk 0.59 · cvss 9.1 · epss 0.02

    The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell.

  • CVE-2008-2369 · Critical · Aug 14, 2008
    risk 0.59 · cvss 9.1 · epss 0.03

    manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements.

  • CVE-2026-45631 · Critical · May 29, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback ("better-auth-secret-123456789") lets an unauthenticated attacker forge email verification JWTs, trigger auto-sign-in as admin, and execute…