Total
88 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9576 | 1 Seeedstudio | 2 Linkit Smart 7688, Linkit Smart 7688 Firmware | 2025-09-09 | 1.0 LOW | 2.5 LOW |
|
A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-29521 | 1 Dlink | 2 Dsl-7740c, Dsl-7740c Firmware | 2025-09-02 | N/A | 5.3 MEDIUM |
|
Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack.
|
|||||
| CVE-2025-35114 | 1 Atlassian | 1 Agiloft | 2025-09-02 | N/A | 7.5 HIGH |
|
Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30.
|
|||||
| CVE-2025-29525 | 2025-08-26 | N/A | 5.3 MEDIUM | ||
|
DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modem's control panel.
|
|||||
| CVE-2025-54137 | 1 Psu | 1 Haxcms-nodejs | 2025-08-22 | N/A | 7.3 HIGH |
|
HAX CMS NodeJS allows users to manage their microsite universe with a NodeJS backend. Versions 11.0.9 and below were distributed with hardcoded default credentials for the user and superuser accounts. Additionally, the application has default private keys for JWTs. Users aren't prompted to change credentials or secrets during installation, and there is no way to change them through the UI. An unauthenticated attacker can read the default user credentials and JWT private keys from the public haxt ...
Show More |
|||||
| CVE-2024-6788 | 1 Phoenixcontact | 8 Charx Sec-3000, Charx Sec-3000 Firmware, Charx Sec-3050 and 5 more | 2025-08-22 | N/A | 8.6 HIGH |
|
A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password.
|
|||||
| CVE-2025-55740 | 2025-08-20 | N/A | 6.5 MEDIUM | ||
|
nginx-defender is a high-performance, enterprise-grade Web Application Firewall (WAF) and threat detection system engineered for modern web infrastructure. This is a configuration vulnerability affecting nginx-defender deployments. Example configuration files
config.yaml and docker-compose.yml contain default credentials (default_password: "change_me_please", GF_SECURITY_ADMIN_PASSWORD=admin123). If users deploy nginx-defender without changing these defaults, attackers with network access could ...
Show More |
|||||
| CVE-2025-2184 | 2025-08-13 | N/A | N/A | ||
|
A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations.
The attacker must have network access to the Broker VM to exploit this issue.
|
|||||
| CVE-2025-8731 | 2025-08-13 | 10.0 HIGH | 9.8 CRITICAL | ||
|
A vulnerability was identified in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains: "For product TI-PG102i and TI-G160i, by default, the product's remote management options a ...
Show More |
|||||
| CVE-2024-54015 | 2025-08-12 | N/A | 7.5 HIGH | ||
|
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.90), SIPROTEC 5 6MD85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD86 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD89 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD89 (CP300) V9.6x (All versions < V9.68), SIPROTEC 5 6MU85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 7KE85 (CP300) (All versions >= V8.80 < V10.0), SIPROTEC 5 7SA82 (CP150) (All versions < V9.90), SIPROTEC 5 7SA86 ( ...
Show More |
|||||
| CVE-2025-7907 | 1 Ruoyi | 1 Ruoyi | 2025-08-08 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been classified as problematic. Affected is an unknown function of the file ruoyi-admin/src/main/resources/application-druid.yml of the component Druid. The manipulation leads to use of default credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-52997 | 1 Filebrowser | 1 Filebrowser | 2025-08-04 | N/A | 5.9 MEDIUM |
|
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.34.1, a missing password policy and brute-force protection makes the authentication process insecure. Attackers could mount a brute-force attack to retrieve the passwords of all accounts in a given instance. This issue has been patched in version 2.34.1.
|
|||||
| CVE-2025-22460 | 1 Ivanti | 1 Cloud Services Appliance | 2025-07-16 | N/A | 7.8 HIGH |
|
Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges.
|
|||||
| CVE-2025-6951 | 2025-07-03 | 3.3 LOW | 4.3 MEDIUM | ||
|
A vulnerability classified as problematic was found in SAFECAM X300 up to 20250611. This vulnerability affects unknown code of the component FTP Service. The manipulation leads to use of default credentials. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-30139 | 1 Gnetsystem | 2 G-onx, G-onx Firmware | 2025-07-01 | N/A | 9.8 CRITICAL |
|
An issue was discovered on G-Net Dashcam BB GONX devices. Default credentials for SSID cannot be changed. It broadcasts a fixed SSID with default credentials that cannot be changed. This allows any nearby attacker to connect to the dashcam's network without restriction. Once connected, an attacker can sniff on connected devices such as the user's smartphone. The SSID is also always broadcasted.
|
|||||
| CVE-2024-40113 | 1 Sitecom | 2 Wlx-2006, Wlx-2006 Firmware | 2025-06-24 | N/A | 6.5 MEDIUM |
|
Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before is vulnerable to Use of Default Credentials.
|
|||||
| CVE-2023-43844 | 1 Aten | 2 Pe6208, Pe6208 Firmware | 2025-05-30 | N/A | 8.0 HIGH |
|
Aten PE6208 2.3.228 and 2.4.232 have default credentials for the privileged web interface account. The user is not asked to change the credentials after first login. If not changed, attackers can log in to the web interface and gain administrator privileges.
|
|||||
| CVE-2025-5124 | 2025-05-28 | 7.6 HIGH | 8.1 HIGH | ||
|
A vulnerability classified as critical has been found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC-RZ30N, SNC-DS10, SNC-CS3N and SNC-RX570N up to 1.30. This affects an unknown part of the component Administrative Interface. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vul ...
Show More |
|||||
| CVE-2025-1531 | 2025-05-16 | N/A | 6.5 MEDIUM | ||
|
Authentication credentials leakage vulnerability in Hitachi Ops Center Analyzer viewpoint.This issue affects Hitachi Ops Center Analyzer viewpoint: from 10.0.0-00 before 11.0.4-00.
|
|||||
| CVE-2025-0482 | 1 Native-php-cms Project | 1 Native-php-cms | 2025-04-29 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2024-46899 | 2025-04-23 | N/A | 7.1 HIGH | ||
|
Hitachi Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF contains an authentication credentials leakage vulnerability.This issue affects Hitachi Ops Center Common Services: from 10.0.0-00 before 11.0.0-04; Hitachi Ops Center Analyzer viewpoint OVF: from 10.0.0-00 before 11.0.0-04.
|
|||||
| CVE-2023-40704 | 1 Philips | 1 Vue Pacs | 2025-04-09 | N/A | 6.8 MEDIUM |
|
The product does not require unique and complex passwords to be created
during installation. Using Philips's default password could jeopardize
the PACS system if the password was hacked or leaked. An attacker could
gain access to the database impacting system availability and data
integrity.
|
|||||
| CVE-2024-4622 | 2025-03-27 | N/A | N/A | ||
|
If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface
protected by authentication. If the default credentials are not changed,
an attacker can use public knowledge to access the device as an
administrator.
|
|||||
| CVE-2025-2398 | 2025-03-18 | 8.3 HIGH | 7.2 HIGH | ||
|
A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been rated as critical. This issue affects some unknown processing of the component CLI su Command Handler. The manipulation leads to use of default credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-2341 | 2025-03-16 | 1.8 LOW | 3.1 LOW | ||
|
A vulnerability was found in IROAD Dash Cam X5 up to 20250203. It has been rated as problematic. This issue affects some unknown processing of the component SSID. The manipulation leads to use of default credentials. The attack needs to be initiated within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in ...
Show More |
|||||
| CVE-2025-2119 | 2025-03-09 | 1.2 LOW | 2.0 LOW | ||
|
A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been declared as problematic. This vulnerability affects unknown code of the component Device Registration Handler. The manipulation leads to use of default credentials. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about th ...
Show More |
|||||
| CVE-2024-13893 | 2025-03-06 | N/A | N/A | ||
|
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, might share same credentials for telnet service. Hash of the password can be retrieved through physical access to SPI connected memory.
For the telnet service to be enabled, the inserted SD card needs to have a folder with a specific name created.
Two products were tested, but since the vendor has not replied to reports, patching status remains unknown, as well as groups of device ...
Show More |
|||||
| CVE-2025-1160 | 1 Remyandrade | 1 Employee Management System | 2025-03-03 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument username/password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2023-30801 | 1 Qbittorrent | 1 Qbittorrent | 2025-02-13 | N/A | 9.8 CRITICAL |
|
All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and execute arbitrary operating system commands using the "external program" feature in the web user interface. This was reportedly exploited in the wild in March 2023.
|
|||||
| CVE-2024-12013 | 2025-02-13 | N/A | 7.6 HIGH | ||
|
A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform changes over resources exposed by the service such as configuration files where password hashes are saved or where network settings are stored.
|
|||||
| CVE-2024-5245 | 1 Netgear | 1 Prosafe Network Management System | 2025-02-11 | N/A | 7.8 HIGH |
|
NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the product installer. The issue results from the use of default MySQL credentials. An attac ...
Show More |
|||||
| CVE-2024-12902 | 2024-12-23 | N/A | 8.4 HIGH | ||
|
ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine. The underlying Windows OS of the product contains high-privilege service accounts. If these accounts use default passwords, attackers could remotely log in to the virtual machine using the default credentials.
|
|||||
| CVE-2024-39584 | 1 Dell | 40 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R13 and 37 more | 2024-12-20 | N/A | 8.2 HIGH |
|
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
|
|||||
| CVE-2024-10476 | 2024-12-17 | N/A | 8.0 HIGH | ||
|
Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited, threat actors may be able to access, modify or delete data, including sensitive information such as protected health information (PHI) and personally identifiable information (PII). Exploitation of this vulnerability may allow an attacker to shut down or otherwise impact the availability of the system. Note: BD Synapsys™ Informatics
Solution is only in scope of
this vulnerability when
installed on a ...
Show More |
|||||
| CVE-2024-12286 | 2024-12-10 | N/A | 9.8 CRITICAL | ||
|
MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using default credentials.
|
|||||
| CVE-2024-45068 | 2024-12-03 | N/A | 7.1 HIGH | ||
|
Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA.
This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01.
|
|||||
| CVE-2024-7898 | 1 Tosei-corporation | 1 Online Store Management System | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability classified as critical was found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. This vulnerability affects unknown code of the component Backend. The manipulation leads to use of default credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2024-6535 | 1 Redhat | 1 Service Interconnect | 2024-11-21 | N/A | 5.3 MEDIUM |
|
A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a specially-crafted cookie.
|
|||||
| CVE-2024-5632 | 2024-11-21 | N/A | N/A | ||
|
Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device, create a WiFi network with a default password.
A user is neither advised to change it during the installation process, nor such a need is described in the manual. As the cameras from the same kit connect automatically, it is very probable for the default password to be left unchanged.
|
|||||
| CVE-2024-31069 | 2024-11-21 | N/A | 7.4 HIGH | ||
|
IO-1020 Micro ELD web server uses a default password for authentication.
|
|||||