CWE-798
Use of Hard-coded Credentials
Description
The product contains hard-coded credentials, such as a password or cryptographic key.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-191 · CAPEC-70
CVEs mapped to this weakness (556)
page 14 of 28| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-0663 | Hig | 0.57 | 8.8 | 0.02 | Sep 7, 2018 | Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands… | ||
| CVE-2018-10898 | Hig | 0.57 | 8.8 | 0.01 | Jul 30, 2018 | A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials. | ||
| CVE-2016-9495 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2018 | Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices. | ||
| CVE-2016-3953 | — | Cri | 0.57 | 9.8 | 0.03 | Feb 6, 2018 | The sample web application in web2py before 2.14.2 might allow remote attackers to execute arbitrary code via vectors involving use of a hardcoded encryption key when calling the session.connect function. | |
| CVE-2017-2280 | Hig | 0.57 | 8.8 | 0.01 | Aug 2, 2017 | WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device. | ||
| CVE-2017-9488 | Hig | 0.57 | 8.8 | 0.01 | Jul 31, 2017 | The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2.5s3_PROD_sey) devices allows remote attackers to access the web UI by establishing a session to the wan0 WAN IPv6 address and then… | ||
| CVE-2016-9013 | Cri | 0.57 | 9.8 | 0.05 | Dec 9, 2016 | Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging… | ||
| CVE-2012-3503 | Cri | 0.57 | 9.8 | 0.03 | Aug 25, 2012 | The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudForms System Engine web… | ||
| CVE-2026-22312 | — | Hig | 0.56 | 8.6 | 0.00 | Jun 16, 2026 | The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands (e.g. system reboot). | |
| CVE-2025-10681 | — | Hig | 0.56 | 8.6 | 0.00 | Apr 3, 2026 | Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not expire within a reasonable amount of time. This vulnerability may grant unauthorized access to production storage containers. | |
| CVE-2025-44643 | Hig | 0.56 | 8.6 | 0.00 | Aug 4, 2025 | Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with… | ||
| CVE-2025-4049 | Hig | 0.56 | — | 0.00 | Jul 21, 2025 | Use of hard-coded, the same among all vulnerable installations SQLite credentials vulnerability in SIGNUM-NET FARA allows to read and manipulate local-stored database.This issue affects FARA: through 5.0.80.34. | ||
| CVE-2023-26566 | Hig | 0.56 | 8.6 | 0.01 | May 14, 2024 | Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface (ARI), which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API. | ||
| CVE-2017-6351 | Hig | 0.56 | 8.1 | 0.07 | Mar 6, 2017 | The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded… | ||
| CVE-2017-5167 | Hig | 0.56 | 8.6 | 0.01 | Feb 13, 2017 | An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords. | ||
| CVE-2016-8361 | Hig | 0.56 | 8.6 | 0.02 | Feb 13, 2017 | An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication. | ||
| CVE-2025-59107 | Hig | 0.55 | — | 0.00 | Jan 26, 2026 | Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set… | ||
| CVE-2025-14115 | Hig | 0.55 | 8.4 | 0.00 | Jan 20, 2026 | IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound… | ||
| CVE-2025-14096 | — | Hig | 0.55 | 8.4 | 0.00 | Dec 17, 2025 | A vulnerability exists in multiple Radiometer products that allow an attacker with physical access to the analyzer possibility to extract credential information. The vulnerability is due to a weakness in the design and insufficient credential protection in operating system. … | |
| CVE-2025-55047 | — | Hig | 0.55 | 8.4 | 0.00 | Sep 9, 2025 | CWE-798 Use of Hard-coded Credentials |
- risk 0.57cvss 8.8epss 0.02
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands…
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.
- risk 0.57cvss 8.8epss 0.01
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices.
- risk 0.57cvss 9.8epss 0.03
The sample web application in web2py before 2.14.2 might allow remote attackers to execute arbitrary code via vectors involving use of a hardcoded encryption key when calling the session.connect function.
- risk 0.57cvss 8.8epss 0.01
WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.
- risk 0.57cvss 8.8epss 0.01
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2.5s3_PROD_sey) devices allows remote attackers to access the web UI by establishing a session to the wan0 WAN IPv6 address and then…
- risk 0.57cvss 9.8epss 0.05
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging…
- risk 0.57cvss 9.8epss 0.03
The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudForms System Engine web…
- risk 0.56cvss 8.6epss 0.00
The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands (e.g. system reboot).
- risk 0.56cvss 8.6epss 0.00
Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not expire within a reasonable amount of time. This vulnerability may grant unauthorized access to production storage containers.
- risk 0.56cvss 8.6epss 0.00
Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with…
- risk 0.56cvss —epss 0.00
Use of hard-coded, the same among all vulnerable installations SQLite credentials vulnerability in SIGNUM-NET FARA allows to read and manipulate local-stored database.This issue affects FARA: through 5.0.80.34.
- risk 0.56cvss 8.6epss 0.01
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface (ARI), which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API.
- risk 0.56cvss 8.1epss 0.07
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded…
- risk 0.56cvss 8.6epss 0.01
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords.
- risk 0.56cvss 8.6epss 0.02
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication.
- risk 0.55cvss —epss 0.00
Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set…
- risk 0.55cvss 8.4epss 0.00
IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound…
- risk 0.55cvss 8.4epss 0.00
A vulnerability exists in multiple Radiometer products that allow an attacker with physical access to the analyzer possibility to extract credential information. The vulnerability is due to a weakness in the design and insufficient credential protection in operating system. …
- risk 0.55cvss 8.4epss 0.00
CWE-798 Use of Hard-coded Credentials