Weaknesses of type CWE-798
820 resultsCVE-2021-31477MEDIUMThis vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is EPSS 2.6%CVE-2019-1675HIGHCisco Aironet Active Sensor Static Credentials VulnerabilityEPSS 2.6%CVE-2020-3158CRITICALCisco Smart Software Manager On-Prem Static Default Credential VulnerabilityEPSS 2.5%CVE-2019-13657CRITICALCA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote EPSS 2.5%CVE-2022-29778HIGHD-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' atEPSS 2.5%CVE-2024-5471HIGHAgent takeoverEPSS 2.5%CVE-2023-20101CRITICALA vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root EPSS 2.4%CVE-2018-0329—A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application ServiceEPSS 2.4%CVE-2018-17894—NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker EPSS 2.4%CVE-2018-18998—LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system witEPSS 2.4%CVE-2022-22722—A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain theEPSS 2.4%CVE-2023-44411CRITICALD-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass VulnerabilityEPSS 2.4%CVE-2021-40390CRITICALAn authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP reqEPSS 2.3%CVE-2017-9656—The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a databaseEPSS 2.3%CVE-2023-31184MEDIUMROZCOM clientEPSS 2.3%CVE-2020-3382CRITICALCisco Data Center Network Manager Authentication Bypass VulnerabilityEPSS 2.3%CVE-2022-22056CRITICALLe-yan Co., Ltd. dental management system - Hard-coded CredentialsEPSS 2.3%CVE-2024-9486CRITICALVM images built with Image Builder and Proxmox provider use default credentialsEPSS 2.2%CVE-2021-35961CRITICALTAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system - Use of Hard-coded CredentialsEPSS 2.2%CVE-2021-21913CRITICALAn information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network EPSS 2.1%