Common Weakness Enumeration

CWE-1392

Allowed

Use of Default Credentials

Abstraction: Base · Status: Incomplete

The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

191 vulnerabilities reference this CWE, most recent first.

GHSA-W3PF-5JQJ-RJ4Q

Vulnerability from github – Published: 2024-05-15 18:30 – Updated: 2025-03-27 18:30
VLAI
Details

If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface protected by authentication. If the default credentials are not changed, an attacker can use public knowledge to access the device as an administrator.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-4622"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-15T17:15:16Z",
    "severity": "HIGH"
  },
  "details": "If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface \nprotected by authentication. If the default credentials are not changed,\n an attacker can use public knowledge to access the device as an \nadministrator.",
  "id": "GHSA-w3pf-5jqj-rj4q",
  "modified": "2025-03-27T18:30:40Z",
  "published": "2024-05-15T18:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4622"
    },
    {
      "type": "WEB",
      "url": "https://industrydecarbonization.com/news/insecure-password-allowed-administrative-access-to-electric-vehicle-chargers.html"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-130-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-W4H5-9MG2-VV6R

Vulnerability from github – Published: 2024-08-13 18:31 – Updated: 2024-08-22 15:31
VLAI
Details

Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism.  These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-7746"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392",
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-13T16:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism.\u00a0\nThese transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability.",
  "id": "GHSA-w4h5-9mg2-vv6r",
  "modified": "2024-08-22T15:31:18Z",
  "published": "2024-08-13T18:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7746"
    },
    {
      "type": "WEB",
      "url": "https://asrg.io/security-advisories/cve-2024-7746"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-W799-V85J-88PG

Vulnerability from github – Published: 2024-07-17 03:31 – Updated: 2024-11-18 16:26
VLAI
Summary
Skupper uses a static cookie secret for the openshift oauth-proxy
Details

A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a specially-crafted cookie.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/skupperproject/skupper"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.0-20240703184342-c26bce4079ff"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-6535"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392",
      "CWE-287"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-07-17T16:01:10Z",
    "nvd_published_at": "2024-07-17T03:15:01Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a specially-crafted cookie.",
  "id": "GHSA-w799-v85j-88pg",
  "modified": "2024-11-18T16:26:52Z",
  "published": "2024-07-17T03:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6535"
    },
    {
      "type": "WEB",
      "url": "https://github.com/skupperproject/skupper/commit/d2cb3782e807853694ee66b6e3d4a1917485eb71"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:4865"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:4871"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-6535"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296024"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/skupperproject/skupper"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Skupper uses a static cookie secret for the openshift oauth-proxy"
}

GHSA-W7RR-WM5C-6W59

Vulnerability from github – Published: 2024-07-09 12:30 – Updated: 2024-07-09 12:30
VLAI
Details

Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device, create a WiFi network with a default password. A user is neither advised to change it during the installation process, nor such a need is described in the manual. As the cameras from the same kit connect automatically, it is very probable for the default password to be left unchanged.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-5632"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-09T11:15:16Z",
    "severity": "MODERATE"
  },
  "details": "Longse NVR (Network Video Recorder) model\u00a0NVR3608PGE2W, as well as products based on this device, create a WiFi network with a default password.\nA user is neither advised to change it during the installation process, nor such a need is described in the manual. As the cameras from the same kit connect automatically, it is very probable for the default password to be left unchanged.",
  "id": "GHSA-w7rr-wm5c-6w59",
  "modified": "2024-07-09T12:30:56Z",
  "published": "2024-07-09T12:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5632"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2024/07/CVE-2024-5631"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/posts/2024/07/CVE-2024-5631"
    },
    {
      "type": "WEB",
      "url": "https://zamel.com/pl/gardi/zestaw-monitoringu-bezprzewodowego-wi-fi-typ-zmb-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-W8G8-33G5-C7M6

Vulnerability from github – Published: 2024-04-12 18:33 – Updated: 2024-04-12 18:33
VLAI
Details

IO-1020 Micro ELD web server uses a default password for authentication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-31069"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-12T16:15:40Z",
    "severity": "HIGH"
  },
  "details": "IO-1020 Micro ELD web server uses a default password for authentication.\n\n",
  "id": "GHSA-w8g8-33g5-c7m6",
  "modified": "2024-04-12T18:33:27Z",
  "published": "2024-04-12T18:33:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31069"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-093-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WWV5-PFX5-R5W7

Vulnerability from github – Published: 2024-12-03 03:31 – Updated: 2024-12-03 03:31
VLAI
Details

Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA.

This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45068"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-03T03:15:04Z",
    "severity": "HIGH"
  },
  "details": "Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA.\n\n\nThis issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01.",
  "id": "GHSA-wwv5-pfx5-r5w7",
  "modified": "2024-12-03T03:31:27Z",
  "published": "2024-12-03T03:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45068"
    },
    {
      "type": "WEB",
      "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-149/index.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X59X-7JQM-MQJH

Vulnerability from github – Published: 2026-05-26 18:31 – Updated: 2026-05-26 18:31
VLAI
Details

IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-36221"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-26T17:16:29Z",
    "severity": "MODERATE"
  },
  "details": "IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through  Interim Fix 002 IBM Cloud Pak for Data System uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.",
  "id": "GHSA-x59x-7jqm-mqjh",
  "modified": "2026-05-26T18:31:45Z",
  "published": "2026-05-26T18:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36221"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7273923"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XM33-6WJ2-8HPH

Vulnerability from github – Published: 2025-08-05 00:30 – Updated: 2025-08-05 00:30
VLAI
Details

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument login-username/login-password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-8530"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392",
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-04T23:15:28Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\\src\\main\\resources\\config\\application-prod.yml of the component Druid. The manipulation of the argument login-username/login-password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-xm33-6wj2-8hph",
  "modified": "2025-08-05T00:30:26Z",
  "published": "2025-08-05T00:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8530"
    },
    {
      "type": "WEB",
      "url": "https://github.com/elunez/eladmin/issues/883"
    },
    {
      "type": "WEB",
      "url": "https://github.com/elunez/eladmin/issues/883#issue-3252078139"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.318656"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.318656"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.622177"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-XM5P-CW89-F4RG

Vulnerability from github – Published: 2025-03-06 15:34 – Updated: 2025-03-06 15:34
VLAI
Details

Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, might share same credentials for telnet service. Hash of the password can be retrieved through physical access to SPI connected memory. For the telnet service to be enabled, the inserted SD card needs to have a folder with a specific name created.  Two products were tested, but since the vendor has not replied to reports, patching status remains unknown, as well as groups of devices and firmware ranges in which the same password is shared. Newer firmware versions might be vulnerable as well.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-13893"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-06T14:15:35Z",
    "severity": "HIGH"
  },
  "details": "Smartwares cameras\u00a0CIP-37210AT and\u00a0C724IP, as well as others which share the same firmware in versions up to 3.3.0, might share same credentials for telnet service. Hash of the password can be retrieved through physical access to SPI connected memory.\nFor the telnet service to be enabled, the inserted SD card needs to have a folder with a specific name created.\u00a0\nTwo products were tested, but since the vendor has not replied to reports, patching status remains unknown, as well as groups of devices and firmware ranges in which the same password is shared.\n Newer firmware versions might be vulnerable as well.",
  "id": "GHSA-xm5p-cw89-f4rg",
  "modified": "2025-03-06T15:34:46Z",
  "published": "2025-03-06T15:34:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13893"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2025/03/CVE-2024-13892"
    },
    {
      "type": "WEB",
      "url": "https://www.smartwares.eu/en-gb/smartwares-cip-37210at-indoor-wi-fi-camera-cip--37210at"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-XPWM-VRV5-5MGM

Vulnerability from github – Published: 2024-08-13 15:31 – Updated: 2025-08-22 12:30
VLAI
Details

A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6788"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188",
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-13T14:15:16Z",
    "severity": "HIGH"
  },
  "details": "A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user \u201cuser-app\u201d to the default password.",
  "id": "GHSA-xpwm-vrv5-5mgm",
  "modified": "2025-08-22T12:30:30Z",
  "published": "2024-08-13T15:31:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6788"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/en/advisories/VDE-2024-022"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Requirements

Prohibit use of default, hard-coded, or other values that do not vary for each installation of the product - especially for separate organizations.

Mitigation
Architecture and Design

Force the administrator to change the credential upon installation.

Mitigation
Installation Operation

The product administrator could change the defaults upon installation or during operation.

No CAPEC attack patterns related to this CWE.