Total: 88 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-28713 | | | 2026-03-06 | N/A | 7.1 HIGH |
|
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.
|
|||||
| CVE-2026-27751 | 1 Sodola-network | 2 Sl902-swtgw124as, Sl902-swtgw124as Firmware | 2026-03-04 | N/A | 9.8 CRITICAL |
|
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement to gain full administrative control of the device.
|
|||||
| CVE-2026-22886 | | | 2026-03-03 | N/A | 9.8 CRITICAL |
|
OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires authentication. However, the product ships with a default administrative account (admin/admin) and does not enforce a mandatory password change on first use. After the first successful login, the server continues to accept the default password indefinitely without warning or enforcement. In real-world deployments, this service is often left enabled without changing the default credentials. As a result, a remot ...
|
|||||
| CVE-2026-26366 | 1 Jung-group | 1 Enet Smart Home | 2026-02-26 | N/A | 9.8 CRITICAL |
|
eNet SMART HOME server 2.2.1 and 2.3.1 ships with default credentials (user:user, admin:admin) that remain active after installation and commissioning without enforcing a mandatory password change. Unauthenticated attackers can use these default credentials to gain administrative access to sensitive smart home configuration and control functions.
|
|||||
| CVE-2026-26341 | 1 Tattile | 20 Anpr Mobile, Anpr Mobile Firmware, Axle Counter and 17 more | 2026-02-26 | N/A | 9.8 CRITICAL |
|
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain administrative access, enabling unauthorized access to device configuration and data.
|
|||||
| CVE-2025-29629 | | | 2026-02-25 | N/A | 9.1 CRITICAL |
|
Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 use weak default credentials for secure shell access. This may result in attackers gaining access to exposed Gardyn Home Kits.
|
|||||
| CVE-2026-1972 | 1 Edimax | 2 Br-6208ac, Br-6208ac Firmware | 2026-02-20 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in Edimax BR-6208AC 2_1.02. The affected element is the function auth_check_userpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects pr ...
|
|||||
| CVE-2026-22273 | 1 Dell | 2 Elastic Cloud Storage, Objectscale | 2026-02-18 | N/A | 8.8 HIGH |
|
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contain a Use of Default Credentials vulnerability in the OS. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
|
|||||
| CVE-2025-54756 | | | 2026-02-13 | N/A | 8.4 HIGH |
|
BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 use a default password that is guessable with knowledge of the device information. The latest release fixes this issue for new installations; users of old installations are encouraged to change all default passwords.
|
|||||
| CVE-2025-58744 | 2 Microsoft, Milner | 2 Windows, Imagedirector Capture | 2026-02-10 | N/A | 7.5 HIGH |
|
Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key. This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808.
|
|||||
| CVE-2026-1803 | | | 2026-02-04 | 7.6 HIGH | 8.1 HIGH |
|
A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear SSH Service. This manipulation causes use of default credentials. Remote exploitation of the attack is possible. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-1711 | 1 Endress | 2 Meac300-fnade4, Meac300-fnade4 Firmware | 2026-01-29 | N/A | 4.3 MEDIUM |
|
Multiple services of the DUT as well as different scopes of the same service reuse the same credentials.
|
|||||
| CVE-2025-7740 | | | 2026-01-29 | N/A | N/A |
|
Default credentials vulnerability exists in SuprOS product. If exploited, this could allow an authenticated local attacker to use an admin account created during product deployment.
|
|||||
| CVE-2018-25147 | 1 Microhardcorp | 22 Bullet-3g, Bullet-3g Firmware, Bullet-lte and 19 more | 2026-01-26 | N/A | 7.5 HIGH |
|
Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations.
|
|||||
| CVE-2025-59108 | | | 2026-01-26 | N/A | N/A |
|
By default, the password for the Access Manager's web interface is set to 'admin'. In the tested version, changing the password was not enforced.
|
|||||
| CVE-2020-36915 | | | 2026-01-08 | N/A | 7.5 HIGH |
|
Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec Digital product versions.
|
|||||
| CVE-2022-50803 | | | 2025-12-31 | N/A | 9.8 CRITICAL |
|
JM-DATA ONU JF511-TV version 1.0.67 uses default credentials that allow attackers to gain unauthorized access to the device with administrative privileges.
|
|||||
| CVE-2025-35452 | 4 Multicam-systems, Ptzoptics, Smtav and 1 more | 121 Mcamii Ptz, Mcamii Ptz Firmware, Ndi Fixed Camera and 118 more | 2025-12-23 | N/A | 9.8 CRITICAL |
|
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface.
|
|||||
| CVE-2024-4007 | 1 Abb | 26 Aspect-ent-12, Aspect-ent-12 Firmware, Aspect-ent-2 and 23 more | 2025-12-19 | N/A | 8.8 HIGH |
|
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows an attacker to log in to product instances that are wrongly configured.
|
|||||
| CVE-2025-35042 | 1 Airship.ai | 1 Acropolis | 2025-12-19 | N/A | 9.8 CRITICAL |
|
Airship AI Acropolis includes a default administrative account that uses the same credentials on every installation. Instances of Airship AI that do not change this account password are vulnerable to a remote attacker logging in and gaining the privileges of this account. Fixed in 10.2.35, 11.0.21, and 11.1.9.
|
|||||
| CVE-2025-54303 | 1 Thermofisher | 1 Torrent Suite Software | 2025-12-16 | N/A | 9.8 CRITICAL |
|
The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default credentials; however, a password change policy for default administrative accounts is not enforced. Many deployments may retain default credentials, in which case an attacker is likely to be able to successfully ...
|
|||||
| CVE-2023-49621 | 1 Siemens | 2 Simatic Cn 4100, Simatic Cn 4100 Firmware | 2025-12-16 | N/A | 9.8 CRITICAL |
|
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses a default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device.
|
|||||
| CVE-2021-47707 | | | 2025-12-12 | N/A | N/A |
|
COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote password attacks and disclose RTSP stream. Attackers can exploit this by sending a POST request with the 'passkey' parameter set to '1234', allowing them to access the web control panel.
|
|||||
| CVE-2024-29844 | 1 Cs-technologies | 1 Evolution | 2025-12-10 | N/A | 9.8 CRITICAL |
|
Default credentials on the Web Interface of Evolution Controller 2.x allow anyone to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the password. There is no warning or prompt to ask the user to change the default password.
|
|||||
| CVE-2025-12592 | | | 2025-11-19 | N/A | N/A |
|
Legacy Vivotek Device firmware uses default credentials for the root and user login accounts.
|
|||||
| CVE-2025-11943 | 1 70mai | 2 X200, X200 Firmware | 2025-11-17 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability has been found in 70mai X200 up to 20251010. Affected by this vulnerability is an unknown functionality of the component HTTP Web Server. The manipulation leads to use of default credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-6529 | 1 70mai | 2 M300, M300 Firmware | 2025-11-14 | 8.3 HIGH | 8.8 HIGH |
|
A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation leads to use of default credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-12217 | 1 Azure-access | 4 Blu-ic2, Blu-ic2 Firmware, Blu-ic4 and 1 more | 2025-11-10 | N/A | 9.1 CRITICAL |
|
SNMP Default Community String (public). This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
|
|||||
| CVE-2025-12218 | 1 Azure-access | 4 Blu-ic2, Blu-ic2 Firmware, Blu-ic4 and 1 more | 2025-11-10 | N/A | 9.1 CRITICAL |
|
Weak Default Credentials. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
|
|||||
| CVE-2025-34516 | 1 Ilevia | 2 Eve X1 Server, Eve X1 Server Firmware | 2025-11-03 | N/A | 9.8 CRITICAL |
|
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a use of default credentials vulnerability that allows an unauthenticated attacker to obtain remote access. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.
|
|||||
| CVE-2025-10542 | | | 2025-11-03 | N/A | 9.8 CRITICAL |
|
iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remote attacker can authenticate to the EAM server and gain full control over monitored agents and data. This enables reading highly sensitive telemetry (including keylogger output) and issuing arbitrary actions to all connected clients.
|
|||||
| CVE-2025-10678 | | | 2025-10-21 | N/A | N/A |
|
NetBird VPN when installed using vendor's provided script failed to remove or change default password of an admin account created by ZITADEL.
This issue affects instances installed using vendor's provided script. This issue may affect instances created with Docker if the default password was not changed nor the user was removed.
This issue has been fixed in version 0.57.0.
|
|||||
| CVE-2025-23012 | 1 Fedorarepository | 1 Fcrepo | 2025-10-07 | N/A | 7.5 HIGH |
|
Fedora Repository 3.8.x includes a service account (fedoraIntCallUser) with default credentials and privileges to read local files by manipulating datastreams. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained. Migrate to a currently supported version (6.5.1 as of 2025-01-23).
|
|||||
| CVE-2024-12856 | 1 Four-faith | 4 F3x24, F3x24 Firmware, F3x36 and 1 more | 2025-09-25 | N/A | 7.2 HIGH |
|
The Four-Faith router models F3x24 and F3x36 are affected by an operating system (OS) command injection vulnerability. At least firmware version 2.0 allows authenticated and remote attackers to execute arbitrary OS commands over HTTP when modifying the system time via apply.cgi. Additionally, this firmware version has default credentials which, if not changed, would effectively change this vulnerability into an unauthenticated and remote OS command execution issue.
|
|||||
| CVE-2025-51536 | 1 Craws | 1 Openatlas | 2025-09-23 | N/A | 9.8 CRITICAL |
|
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 was discovered to contain a hardcoded Administrator password.
|
|||||
| CVE-2025-51535 | 1 Craws | 1 Openatlas | 2025-09-20 | N/A | 9.1 CRITICAL |
|
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 was discovered to contain a SQL injection vulnerability.
|
|||||
| CVE-2025-55110 | | | 2025-09-17 | N/A | 5.5 MEDIUM |
|
Control-M/Agents use a kdb or PKCS#12 keystore by default, and the default keystore password is well known and documented.
An attacker with read access to the keystore could access sensitive data using this password.
|
|||||
| CVE-2025-8530 | 1 Eladmin | 1 Eladmin | 2025-09-12 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument login-username/login-password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-55051 | | | 2025-09-11 | N/A | 10.0 CRITICAL |
|
CWE-1392: Use of Default Credentials
|
|||||
| CVE-2025-9577 | 1 Totolink | 2 X2000r, X2000r Firmware | 2025-09-09 | 1.0 LOW | 2.5 LOW |
|
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to the public and may be exploited.
|
|||||