Fallos del tipo CWE-798
822 resultadosCVE-2023-41878MEDIUMWeak password of selenium VNC in MeterSphereEPSS 0.6%CVE-2023-53983CRITICALAnevia Flamingo XL/XS 3.6.20 Default Credentials Authentication BypassEPSS 0.6%CVE-2022-41399HIGHThe optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte blowfish key ("PASS_KEY") to encrypt and decrypEPSS 0.6%CVE-2023-48250HIGHThe vulnerability allows a remote attacker to authenticate to the web application with high privileges through multiple hidden hard-coded acEPSS 0.6%CVE-2024-51547CRITICALCredentials Disclosure - keysEPSS 0.6%CVE-2025-67418CRITICALClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administratEPSS 0.6%CVE-2023-32274HIGHEnphase Installer Toolkit Android App Use of Hard-coded CredentialsEPSS 0.6%CVE-2022-3927HIGHThe affected products store public and private key that are used to sign and protect custom parameter set files from modification.EPSS 0.6%CVE-2023-43583MEDIUMCryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allowEPSS 0.6%CVE-2025-34034CRITICAL5VTechnologies Blue Angel Software Suite Hardcoded CredentialsEPSS 0.6%CVE-2021-27503—Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior tEPSS 0.6%CVE-2024-51431HIGHLB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily guessable.EPSS 0.6%CVE-2023-48251HIGHThe vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account.EPSS 0.6%CVE-2024-42638CRITICALH3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as rooEPSS 0.6%CVE-2024-42637CRITICALH3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.EPSS 0.6%CVE-2025-7503CRITICALAn OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service (port 23) with undocumented, defaulEPSS 0.6%CVE-2024-42450CRITICALThe Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is also needed for High Availability function EPSS 0.6%CVE-2023-49253CRITICALPredefined root passwordEPSS 0.6%CVE-2024-38648CRITICALA hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent network to decrypt sensitive data including uEPSS 0.6%CVE-2024-46429HIGHA hardcoded credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to access the web management poEPSS 0.6%