Total
1687 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-0040 | 1 Juniper | 1 Contrail Service Orchestration | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services. | |||||
| CVE-2018-0039 | 1 Juniper | 1 Contrail Service Orchestration | 2026-06-17 | 7.5 HIGH | 6.5 MEDIUM |
| Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Grafana or exploit other weaknesses or vulnerabilities in Grafana. | |||||
| CVE-2018-0038 | 1 Juniper | 1 Contrail Service Orchestration | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Cassandra. | |||||
| CVE-2017-9957 | 1 Schneider-electric | 1 U.motion Builder | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the web service contains a hidden system account with a hardcoded password. An attacker can use this information to log into the system with high-privilege credentials. | |||||
| CVE-2017-9956 | 1 Schneider-electric | 1 U.motion Builder | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system contains a hard-coded valid session. An attacker can use that session ID as part of the HTTP cookie of a web request, resulting in authentication bypass | |||||
| CVE-2017-9932 | 1 Greenpacket | 2 Dx-350, Dx-350 Firmware | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account. | |||||
| CVE-2017-9852 | 1 Sma | 78 Sunny Boy 1.5, Sunny Boy 1.5 Firmware, Sunny Boy 2.5 and 75 more | 2026-06-17 | 5.0 MEDIUM | 9.8 CRITICAL |
| An Incorrect Password Management issue was discovered in SMA Solar Technology products. Default passwords exist that are rarely changed. User passwords will almost always be default. Installer passwords are expected to be default or similar across installations installed by the same company (but are sometimes changed). Hidden user accounts have (at least in some cases, though more research is required to test this for all hidden user accounts) a fixed password for all devices; it can never be changed by a user. Other vulnerabilities exist that allow an attacker to get the passwords of these hidden user accounts. NOTE: the vendor reports that it has no influence on the allocation of passwords, and that global hardcoded master passwords do not exist. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected | |||||
| CVE-2017-9821 | 1 Npci | 1 Bharat Interface For Money \(bhim\) | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| The National Payments Corporation of India BHIM application 1.3 for Android relies on three hardcoded strings (AK-NPCIMB, IM-NPCIBM, and VK-NPCIBM) for SMS validation, which makes it easier for attackers to bypass authentication. | |||||
| CVE-2017-9656 | 1 Philips | 1 Dosewise | 2026-06-17 | 6.5 MEDIUM | 9.1 CRITICAL |
| The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevated privileges are first required for an attacker to access the web application backend system files that contain the hard-coded credentials. Successful exploitation may allow a remote attacker to gain access to the database of the DWP application, which contains PHI. CVSS v3 base score: 9.1, CVSS vector string: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H. | |||||
| CVE-2017-9649 | 1 Mirion Technologies | 14 Dmc 3000, Dmc 3000 Firmware, Drm-1\/2 and 11 more | 2026-06-17 | 5.4 MEDIUM | 5.0 MEDIUM |
| A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). An unchangeable, factory-set key is included in the 900 MHz transmitter firmware. | |||||
| CVE-2017-9488 | 1 Cisco | 4 Dpc3939, Dpc3939 Firmware, Dpc3941t and 1 more | 2026-06-17 | 5.8 MEDIUM | 8.8 HIGH |
| The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2.5s3_PROD_sey) devices allows remote attackers to access the web UI by establishing a session to the wan0 WAN IPv6 address and then entering unspecified hardcoded credentials. This wan0 interface cannot be accessed from the public Internet. | |||||
| CVE-2017-9132 | 1 Mimosa | 2 Backhaul Radios, Client Radios | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's hard-coded credentials to connect to the broker on any device (whether it be an AP, Client, or Backhaul model), an attacker can view all the messages being sent between the devices. If an attacker connects to an AP, the AP will leak information about any clients connected to it, including the serial numbers, which can be used to remotely factory reset the clients via a page in their web interface. | |||||
| CVE-2017-8772 | 1 Twsz | 2 Wifi Repeater, Wifi Repeater Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires (malicious or not). | |||||
| CVE-2017-8771 | 1 Twsz | 2 Wifi Repeater, Wifi Repeater Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the device with malicious code. | |||||
| CVE-2017-8415 | 1 Dlink | 4 Dcs-1100, Dcs-1100 Firmware, Dcs-1130 and 1 more | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operation on the password retrieved from the user at address 0x000538E0 and performs a strcmp at address 0x00053908 to check if the password is correct or incorrect. However, the /etc/shadow file is a part of CRAM-FS filesystem which means that the user cannot change the password and hence a hardcoded hash in /etc/shadow is used to match the credentials provided by the user. This is a salted hash of the string "admin" and hence it acts as a password to the device which cannot be changed as the whole filesystem is read only. | |||||
| CVE-2017-8226 | 1 Amcrest | 2 Ipm-721s, Ipm-721s Firmware | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary "sonia" is the one that has the vulnerable function that sets up the default credentials on the device. If one opens this binary in IDA-pro, one will notice that this follows a ARM little endian format. The function sub_3DB2FC in IDA pro is identified to be setting up the values at address 0x003DB5A6. The sub_5C057C then sets this value and adds it to the Configuration files in /mnt/mtd/Config/Account1 file. | |||||
| CVE-2017-8224 | 1 Wificam | 2 Wireless Ip Camera \(p2p\), Wireless Ip Camera \(p2p\) Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET. | |||||
| CVE-2017-8077 | 1 Tp-link | 2 Tl-sg108e, Tl-sg108e Firmware | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). This affects the 1.1.2 Build 20141017 Rel.50749 firmware. | |||||
| CVE-2017-8013 | 1 Emc | 1 Data Protection Advisor | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". An attacker with knowledge of the password could potentially use these accounts via REST APIs to gain unauthorized access to EMC Data Protection Advisor (including potentially access with administrative privileges). | |||||
| CVE-2017-8011 | 1 Dell | 4 Emc M\&r, Emc Storage Monitoring And Reporting, Emc Vipr Srm and 1 more | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker with the knowledge of the default password may potentially use these accounts to run arbitrary web service and remote procedure calls on the affected system. | |||||