Weaknesses of type CWE-798
820 resultsCVE-2023-24155CRITICALTOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is stored in the component /web_cste/cgi-biEPSS 0.9%CVE-2025-10639HIGHUsage of Hardcoded FTP Credentials EfficientLab WorkExaminer ProfessionalEPSS 0.9%CVE-2018-10898HIGHA vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuratEPSS 0.9%CVE-2023-35724HIGHD-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass VulnerabilityEPSS 0.9%CVE-2022-4333CRITICALSprecher: Sprecon maintenance access with hardcoded credentialsEPSS 0.9%CVE-2024-41610CRITICALD-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotelyEPSS 0.9%CVE-2026-28778HIGHHardcoded FTP Credentials and LPE(via Insecure Permissions) for `xd` Local Account on IDC SFX2100EPSS 0.8%CVE-2022-28812CRITICALUse of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server.EPSS 0.8%CVE-2022-22522CRITICALHard-coded credentials in Carlo Gavazzi UWP3.0 allows for authentication bypass and full control of the deviceEPSS 0.8%CVE-2023-37286CRITICALSmartBPM.NET - Use of Hard-Coded Credentials - 1EPSS 0.8%CVE-2024-52295CRITICALDataEase has a forged JWT token vulnerabilityEPSS 0.8%CVE-2025-27643CRITICALVasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Hardcoded AWS API Key V-2024-006.EPSS 0.8%CVE-2024-28194CRITICALAuthentication Bypass Because of Hardcoded JWT Secret in your_spotifyEPSS 0.8%CVE-2023-24149CRITICALTOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored in the component /etc/shadow.EPSS 0.8%CVE-2014-125121CRITICALArray Networks vAPV and vxAG Default Credential Privilege EscalationEPSS 0.8%CVE-2021-33014HIGHKUKA KR C4 - Use of Hard-Coded CredentialsEPSS 0.8%CVE-2024-23958MEDIUMAutel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass VulnerabilityEPSS 0.8%CVE-2025-56157CRITICALDefault credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file included in its source coEPSS 0.8%CVE-2025-3621CRITICALRemote Code Execution in ProTNS ActADUREPSS 0.8%CVE-2023-28937HIGHDataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunEPSS 0.8%