Weaknesses of type CWE-798
823 resultsCVE-2025-41722HIGHSauter: Hard-coded Authentication CredentialsEPSS 0.2%CVE-2026-50083CRITICALAqara hardcoded OAuth client credentialsEPSS 0.2%CVE-2025-62777HIGHUse of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to lEPSS 0.2%CVE-2026-29023MEDIUMKeygraph Shannon Hard-coded Router API KeyEPSS 0.2%CVE-2022-34840MEDIUMUse of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration seEPSS 0.2%CVE-2025-5379MEDIUMNuCom NC-WR744G Console Application hard-coded credentialsEPSS 0.2%CVE-2021-0245HIGHJunos OS: Junos Fusion: Hard-coded credentials on satellite devices allows a locally authenticated attacker to elevate their privileges.EPSS 0.2%CVE-2025-1029HIGHHardcoded Credentials in Utarit Informatics' SoliClubEPSS 0.2%CVE-2022-48067MEDIUMAn information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attacEPSS 0.2%CVE-2025-64766MEDIUMNixOS has hardcoded credentials in Onlyoffice moduleEPSS 0.2%CVE-2023-30351HIGHShenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is storedEPSS 0.2%CVE-2021-27430HIGHGE UR family hardcoded credentialsEPSS 0.2%CVE-2025-67809MEDIUMAn issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A hardcoded Flickr API key and secret are present in the publicly accesEPSS 0.2%CVE-2024-0865HIGHCWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege
escalation when logged in as a non-administratiEPSS 0.2%CVE-2022-32967LOWRealtek RTL8111EP-CG/RTL8111FP-CG - Use of Hard-coded CredentialsEPSS 0.2%CVE-2024-50690MEDIUMSunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates.EPSS 0.2%CVE-2024-27160MEDIUMHardcoded password used to encrypt logs and use of weak cipherEPSS 0.2%CVE-2025-0642MEDIUMHard-coded Credentials in PosCube's AssistEPSS 0.2%CVE-2026-27073HIGHWordPress Addi – Cuotas que se adaptan a ti plugin <= 2.0.4 - Broken Authentication vulnerabilityEPSS 0.2%CVE-2024-50692MEDIUMSunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that allow an attacker to send arbitrary commands tEPSS 0.2%