Fallos del tipo CWE-259

194 resultados
CVE-2025-9310MEDIUMyeqifu carRental Druid login.html hard-coded credentialsEPSS 0.5%CVE-2024-33625CRITICALCyberPower PowerPanel business Use of Hard-coded PasswordEPSS 0.5%CVE-2024-25825CRITICALFydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114 were discovered to be configured with the EPSS 0.5%CVE-2024-34539CRITICALHardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to successfully login to the mail or webmail server. TEPSS 0.5%CVE-2023-37231CRITICALLoftware Spectrum before 4.6 HF14 uses a Hard-coded Password.EPSS 0.5%CVE-2024-2420HIGHLenelS2 NetBox Hardcoded CredentialsEPSS 0.5%CVE-2026-7251CRITICALEppendorf BioFlo 320 Use of hard-coded passwordEPSS 0.5%CVE-2023-50948MEDIUMIBM Storage Fusion HCI information disclosureEPSS 0.5%CVE-2024-2038HIGHVisual Website Collaboration, Feedback & Project Management – Atarim <= 3.22.6 - Hardcoded CredentialsEPSS 0.5%CVE-2025-8974MEDIUMlinlinjava litemall JSON Web Token JwtHelper.java hard-coded credentialsEPSS 0.5%CVE-2021-27254MEDIUMThis vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is EPSS 0.5%CVE-2020-12037Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TEPSS 0.5%CVE-2025-59388MEDIUMHyper Data ProtectorEPSS 0.5%CVE-2024-37644HIGHTRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackerEPSS 0.5%CVE-2022-29825MEDIUMUse of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U, GT Designer3 Version1 (GOT2000) veEPSS 0.5%CVE-2023-23770CRITICALMotorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing EPSS 0.5%CVE-2024-35395HIGHTOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attaEPSS 0.5%CVE-2024-28066HIGHIn Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password).EPSS 0.5%CVE-2024-7216LOWTOTOLINK LR1200 shadow.sample hard-coded passwordEPSS 0.4%CVE-2025-11284MEDIUMZytec Dalian Zhuoyun Technology Central Authentication Service HTTP Header git hard-coded passwordEPSS 0.4%