Vulnerabilities (CVE)

Filtered by CWE-798
Total 1702 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-10179 1 Dlink 2 Dwr-932b, Dwr-932b Firmware 2026-06-17 5.0 MEDIUM 7.5 HIGH
An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607.
CVE-2016-10177 1 Dlink 2 Dwr-932b, Dwr-932b Firmware 2026-06-17 10.0 HIGH 9.8 CRITICAL
An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234.
CVE-2016-10125 1 Dlink 13 Dgs-1100-05, Dgs-1100-05pd, Dgs-1100-08 and 10 more 2026-06-17 6.8 MEDIUM 8.1 HIGH
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session.
CVE-2016-10115 1 Netgear 8 Arlo Base Station Firmware, Arlo Q Camera Firmware, Arlo Q Plus Camera Firmware and 5 more 2026-06-17 10.0 HIGH 9.8 CRITICAL
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.
CVE-2016-0726 1 Nagios 1 Nagios 2026-06-17 7.5 HIGH 9.8 CRITICAL
The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials.
CVE-2016-0235 1 Ibm 1 Security Guardium Database Activity Monitor 2026-06-17 7.2 HIGH 8.2 HIGH
IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems. IBM X-Force ID: 110326.
CVE-2015-9254 1 Datto 16 Alto 2, Alto 2 Firmware, Alto 3 and 13 more 2026-06-17 7.5 HIGH 9.8 CRITICAL
Datto ALTO and SIRIS devices have a default VNC password.
CVE-2015-7276 1 Technicolor 4 C2000t, C2000t Firmware, C2100t and 1 more 2026-06-17 4.3 MEDIUM 5.9 MEDIUM
Technicolor C2000T and C2100T uses hard-coded cryptographic keys.
CVE-2015-7246 2 D-link, Dlink 2 Dvg-n5402sp Firmware, Dvg-n5402sp 2026-06-17 10.0 HIGH 9.8 CRITICAL
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access.
CVE-2015-4667 1 Xceedium 1 Xsuite 2026-06-17 7.5 HIGH 9.8 CRITICAL
Multiple hardcoded credentials in Xsuite 2.x.
CVE-2015-3953 1 Pifzer 6 Plum A\+3 Infusion System, Plum A\+3 Infusion System Firmware, Plum A\+ Infusion System and 3 more 2026-06-17 10.0 HIGH 9.8 CRITICAL
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue.
CVE-2015-2887 1 Ibaby 2 M3s Baby Monitor, M3s Baby Monitor Firmware 2026-06-17 10.0 HIGH 9.8 CRITICAL
iBaby M3S has a password of admin for the backdoor admin account.
CVE-2015-2885 1 Lens Laboratories 2 Peek-a-view, Peek-a-view Firmware 2026-06-17 10.0 HIGH 9.8 CRITICAL
Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.
CVE-2015-2882 1 Philips 1 In.sight B120\\37 2026-06-17 10.0 HIGH 9.8 CRITICAL
Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a password of M100-4674448 for the backdoor admin account.
CVE-2015-2881 1 Gynoii 3 Gcw-1010, Gcw-1020, Gpw-1025 2026-06-17 10.0 HIGH 9.8 CRITICAL
Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account.
CVE-2015-2867 1 Trane 1 Comfortlink Ii Firmware 2026-06-17 10.0 HIGH 9.8 CRITICAL
A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system.
CVE-2014-9614 1 Netsweeper 1 Netsweeper 2026-06-17 7.5 HIGH 9.8 CRITICAL
The Web Panel in Netsweeper before 4.0.5 has a default password of branding for the branding account, which makes it easier for remote attackers to obtain access via a request to webadmin/.
CVE-2014-9198 1 Schneider-electric 5 Etg3000 Factorycast Hmi Gateway Firmware, Tsxetg3000, Tsxetg3010 and 2 more 2026-06-17 10.0 HIGH N/A
The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.
CVE-2014-8579 1 Trendnet 2 Tew-823dru, Tew-823dru Firmware 2026-06-17 10.0 HIGH 9.8 CRITICAL
TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of kcodeskcodes for the root account, which makes it easier for remote attackers to obtain access via an FTP session.
CVE-2014-8426 1 Barracuda 1 Load Balancer 2026-06-17 7.5 HIGH 9.8 CRITICAL
Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015.