Common Weakness Enumeration

CWE-1392

Allowed

Use of Default Credentials

Abstraction: Base · Status: Incomplete

The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

191 vulnerabilities reference this CWE, most recent first.

GHSA-P5WP-WJHW-5M95

Vulnerability from github – Published: 2025-03-16 15:32 – Updated: 2025-03-16 15:32
VLAI
Details

A vulnerability was found in IROAD Dash Cam X5 up to 20250203. It has been rated as problematic. This issue affects some unknown processing of the component SSID. The manipulation leads to use of default credentials. The attack needs to be initiated within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2341"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-16T15:15:36Z",
    "severity": "LOW"
  },
  "details": "A vulnerability was found in IROAD Dash Cam X5 up to 20250203. It has been rated as problematic. This issue affects some unknown processing of the component SSID. The manipulation leads to use of default credentials. The attack needs to be initiated within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-p5wp-wjhw-5m95",
  "modified": "2025-03-16T15:32:02Z",
  "published": "2025-03-16T15:32:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2341"
    },
    {
      "type": "WEB",
      "url": "https://github.com/geo-chen/IROAD?tab=readme-ov-file#finding-1-default-credentials-for-ssid-cwe-1393"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.299807"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.299807"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.512418"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-P7J8-2RGX-MWXM

Vulnerability from github – Published: 2025-05-16 09:30 – Updated: 2025-05-16 09:30
VLAI
Details

Authentication credentials leakage vulnerability in Hitachi Ops Center Analyzer viewpoint.This issue affects Hitachi Ops Center Analyzer viewpoint: from 10.0.0-00 before 11.0.4-00.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-1531"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-16T07:15:47Z",
    "severity": "MODERATE"
  },
  "details": "Authentication credentials leakage  vulnerability in Hitachi Ops Center Analyzer viewpoint.This issue affects Hitachi Ops Center Analyzer viewpoint: from 10.0.0-00 before 11.0.4-00.",
  "id": "GHSA-p7j8-2rgx-mwxm",
  "modified": "2025-05-16T09:30:36Z",
  "published": "2025-05-16T09:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1531"
    },
    {
      "type": "WEB",
      "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-116/index.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P8QR-WW3F-6MVM

Vulnerability from github – Published: 2025-01-15 21:31 – Updated: 2025-01-15 21:31
VLAI
Details

A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0482"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-15T20:15:28Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-p8qr-ww3f-6mvm",
  "modified": "2025-01-15T21:31:42Z",
  "published": "2025-01-15T21:31:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0482"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Fanli2012/native-php-cms/issues/4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.291927"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.291927"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.475237"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-PR72-8FXW-XX22

Vulnerability from github – Published: 2025-08-19 22:24 – Updated: 2025-08-29 20:37
VLAI
Summary
Default Credentials in nginx-defender Configuration Files
Details

Impact

This is a configuration vulnerability affecting nginx-defender deployments. Example configuration files config.yaml, docker-compose.yml contain default credentials (default_password: "change_me_please", GF_SECURITY_ADMIN_PASSWORD=admin123). If users deploy nginx-defender without changing these defaults, attackers with network access could gain administrative control, bypassing security protections.

Who is impacted? All users who deploy nginx-defender with default credentials and expose the admin interface to untrusted networks.

Patches

The issue is addressed in v1.5.0 and later.

Startup warnings are added if default credentials are detected. Documentation now strongly recommends changing all default passwords before deployment. Patched versions: 1.5.0 and later Will be fully patched in v1.7.0 and later

Workarounds

Users can remediate the vulnerability without upgrading by manually changing all default credentials in configuration files before deployment:

# config.yaml
auth:
  default_password: "your_strong_password_here"
# docker-compose.yml
- GF_SECURITY_ADMIN_PASSWORD=your_strong_password

Restrict access to the admin interface and use environment variables for secrets.

References

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/Anipaleja/nginx-defender"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-55740"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-08-19T22:24:40Z",
    "nvd_published_at": "2025-08-19T20:15:35Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThis is a configuration vulnerability affecting nginx-defender deployments. Example configuration files \n[config.yaml](https://github.com/Anipaleja/nginx-defender/blob/main/config.yaml), [docker-compose.yml](https://github.com/Anipaleja/nginx-defender/blob/main/docker-compose.yml) contain default credentials (`default_password: \"change_me_please\"`, `GF_SECURITY_ADMIN_PASSWORD=admin123`). If users deploy nginx-defender without changing these defaults, attackers with network access could gain administrative control, bypassing security protections.\n\n**Who is impacted?**\nAll users who deploy nginx-defender with default credentials and expose the admin interface to untrusted networks.\n\n### Patches\nThe issue is addressed in v1.5.0 and later.\n\nStartup warnings are added if default credentials are detected.\nDocumentation now strongly recommends changing all default passwords before deployment.\nPatched versions:\n1.5.0 and later\n**Will be fully patched in v1.7.0 and later**\n\n### Workarounds\nUsers can remediate the vulnerability without upgrading by manually changing all default credentials in configuration files before deployment:\n```yaml\n# config.yaml\nauth:\n  default_password: \"your_strong_password_here\"\n```\n\n```yml\n# docker-compose.yml\n- GF_SECURITY_ADMIN_PASSWORD=your_strong_password\n```\nRestrict access to the admin interface and use environment variables for secrets.\n\n### References\n- [Security Configuration Guide](https://github.com/Anipaleja/nginx-defender/blob/main/docs/security-config.md)\n- [Full Security Advisory](https://github.com/Anipaleja/nginx-defender/security/advisories)\n- [Library README](https://github.com/Anipaleja/nginx-defender/blob/main/lib/README.md)\n- [README](https://github.com/Anipaleja/nginx-defender/blob/main/README.md)",
  "id": "GHSA-pr72-8fxw-xx22",
  "modified": "2025-08-29T20:37:35Z",
  "published": "2025-08-19T22:24:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Anipaleja/nginx-defender/security/advisories/GHSA-pr72-8fxw-xx22"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55740"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Anipaleja/nginx-defender"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2025-3896"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Default Credentials in nginx-defender Configuration Files"
}

GHSA-Q3H2-6968-258W

Vulnerability from github – Published: 2026-07-02 21:32 – Updated: 2026-07-02 21:32
VLAI
Details

AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to authenticate as the administrator by using the publicly known default credentials seeded at startup via add_default_user() in the database user module when the users table is empty. Attackers can submit the default credentials to the authentication login endpoint to gain full control of the application, including RSS feed configuration, downloader configuration, and all authenticated API endpoints.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-58466"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-02T20:17:06Z",
    "severity": "CRITICAL"
  },
  "details": "AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to authenticate as the administrator by using the publicly known default credentials seeded at startup via add_default_user() in the database user module when the users table is empty. Attackers can submit the default credentials to the authentication login endpoint to gain full control of the application, including RSS feed configuration, downloader configuration, and all authenticated API endpoints.",
  "id": "GHSA-q3h2-6968-258w",
  "modified": "2026-07-02T21:32:12Z",
  "published": "2026-07-02T21:32:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-58466"
    },
    {
      "type": "WEB",
      "url": "https://github.com/EstrellaXD/Auto_Bangumi/issues/1041"
    },
    {
      "type": "WEB",
      "url": "https://github.com/EstrellaXD/Auto_Bangumi/commit/487bdfec545e805ae416e6ddf28651bd274d6a73"
    },
    {
      "type": "WEB",
      "url": "https://github.com/EstrellaXD/Auto_Bangumi/releases/tag/3.2.8"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/autobangumi-hard-coded-default-credentials-via-add-default-user"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-Q6GQ-VXG6-9M9P

Vulnerability from github – Published: 2025-12-09 21:31 – Updated: 2025-12-09 21:31
VLAI
Details

COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote password attacks and disclose RTSP stream. Attackers can exploit this by sending a POST request with the 'passkey' parameter set to '1234', allowing them to access the web control panel.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47707"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-09T21:15:49Z",
    "severity": "CRITICAL"
  },
  "details": "COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote password attacks and disclose RTSP stream. Attackers can exploit this by sending a POST request with the \u0027passkey\u0027 parameter set to \u00271234\u0027, allowing them to access the web control panel.",
  "id": "GHSA-q6gq-vxg6-9m9p",
  "modified": "2025-12-09T21:31:49Z",
  "published": "2025-12-09T21:31:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47707"
    },
    {
      "type": "WEB",
      "url": "https://www.commax.com"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/50210"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/commax-cvd-axx-dvr-weak-default-credentials-stream-disclosure"
    },
    {
      "type": "WEB",
      "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5667.php"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-Q6PV-P83M-GWHP

Vulnerability from github – Published: 2025-10-25 18:30 – Updated: 2025-11-10 15:31
VLAI
Details

Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-12218"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-25T16:15:40Z",
    "severity": "CRITICAL"
  },
  "details": "Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.",
  "id": "GHSA-q6pv-p83m-gwhp",
  "modified": "2025-11-10T15:31:03Z",
  "published": "2025-10-25T18:30:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12218"
    },
    {
      "type": "WEB",
      "url": "https://azure-access.com/security-advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-QCX5-4HHW-RPVH

Vulnerability from github – Published: 2026-06-22 21:31 – Updated: 2026-06-22 21:31
VLAI
Details

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-44273"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-22T20:16:29Z",
    "severity": "MODERATE"
  },
  "details": "Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure.",
  "id": "GHSA-qcx5-4hhw-rpvh",
  "modified": "2026-06-22T21:31:00Z",
  "published": "2026-06-22T21:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44273"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000472001/dsa-2026-247"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QRWG-49X6-M5P2

Vulnerability from github – Published: 2025-08-08 18:32 – Updated: 2025-08-08 18:32
VLAI
Details

A vulnerability was found in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. It has been classified as critical. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-8731"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-08T16:15:28Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability was found in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. It has been classified as critical. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-qrwg-49x6-m5p2",
  "modified": "2025-08-08T18:32:22Z",
  "published": "2025-08-08T18:32:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8731"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Nicholas-wei/bug-discovery/blob/main/trendnet/TPL-430AP_FW1.0.1/trendnet_several_vulns.pdf"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.319227"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.319227"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.621749"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-R3PP-W9MM-8FCC

Vulnerability from github – Published: 2025-07-20 21:31 – Updated: 2025-07-20 21:31
VLAI
Details

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been classified as problematic. Affected is an unknown function of the file ruoyi-admin/src/main/resources/application-druid.yml of the component Druid. The manipulation leads to use of default credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-7907"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-20T21:15:23Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been classified as problematic. Affected is an unknown function of the file ruoyi-admin/src/main/resources/application-druid.yml of the component Druid. The manipulation leads to use of default credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-r3pp-w9mm-8fcc",
  "modified": "2025-07-20T21:31:18Z",
  "published": "2025-07-20T21:31:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7907"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yangzongzhuan/RuoYi/issues/297"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.317022"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.317022"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.618362"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation
Requirements

Prohibit use of default, hard-coded, or other values that do not vary for each installation of the product - especially for separate organizations.

Mitigation
Architecture and Design

Force the administrator to change the credential upon installation.

Mitigation
Installation Operation

The product administrator could change the defaults upon installation or during operation.

No CAPEC attack patterns related to this CWE.