CVE Daily
← All tags

Tag: Default Credentials

All CVEs associated with "Default Credentials". Page 1/1 • 19 CVEs.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2025-08-17
High

CVE-2025-7342

A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the image build process. Additionally, virtual machine images built using the Nutanix or t…

CVSS: 7.5 CWE: CWE-798
Read more
2025-08-13
High

CVE-2012-10056

PHP Volunteer Management System v1.0.2 contains an arbitrary file upload vulnerability in its document upload functionality. Authenticated users can upload files to the mods/documents/uploads/ direct…

CVSS: 8.7 CWE: CWE-434
Read more
Medium

CVE-2025-2184

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default cr…

CVSS: 5.3 CWE: CWE-1392
Read more
2025-08-08
High

CVE-2012-10042

Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog management interface. The application ships with default credentials (admin:secret) and allows authenticated u…

CVSS: 8.7 CWE: CWE-434
Read more
Critical

CVE-2025-8731

A vulnerability was identified in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. This affects an unknown part of the component SSH Service. The manipulation leads to use of default creden…

CVSS: 9.8 CWE: CWE-1392
Read more
2025-08-06
High

CVE-2025-7769

Tigo Energy's CCA is vulnerable to a command injection vulnerability in the /cgi-bin/mobile_api endpoint when the DEVICE_PING command is called, allowing remote code execution due to improper handlin…

CVSS: 8.7 CWE: CWE-77
Read more
2025-08-04
Medium

CVE-2025-8530

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\co…

CVSS: 5.3 CWE: CWE-1392
Read more
2025-08-01
High

CVE-2013-10059

An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to san…

CVSS: 8.6 CWE: CWE-78
Read more
2025-07-28
Critical

CVE-2025-30125

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with the same default credentials of 12345678, which creates an insecure-by-default condition. For users w…

CVSS: 9.8 CWE: CWE-798
Read more
Critical

CVE-2025-30133

An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via the "IROAD X View" app for authentication, but its HTTP serv…

CVSS: 9.8 CWE: CWE-284
Read more
2025-07-22
Medium

CVE-2025-43021

A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has a…

CVSS: 5.9 CWE: CWE-1393
Read more
High

CVE-2025-54137

HAX CMS NodeJS allows users to manage their microsite universe with a NodeJS backend. Versions 11.0.9 and below were distributed with hardcoded default credentials for the user and superuser accounts…

CVSS: 7.3 CWE: CWE-1392
Read more
2025-07-20
Medium

CVE-2025-7907

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been classified as problematic. Affected is an unknown function of the file ruoyi-admin/src/main/resources/application-druid.yml o…

CVSS: 4.3 CWE: CWE-1392
Read more
2025-07-16
Medium

CVE-2025-53758

This vulnerability exists in Digisol DG-GR6821AC Router due to use of default admin credentials at its web management interface. An attacker with physical access could exploit this vulnerability by e…

CVSS: 5.1 CWE: CWE-312
Read more
2025-07-11
Critical

CVE-2025-7503

An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service (port 23) with undocumented, default credentials. The Telnet service is enabled by default and…

CVSS: 10.0 CWE: CWE-798
Read more
2025-06-06
High

CVE-2025-2766

70mai A510 Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of 70mai A510. Authenti…

CVSS: 8.8 CWE: CWE-1393
Read more
2025-05-13
High

CVE-2025-22460

Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges.

CVSS: 7.8 CWE: CWE-1392
Read more
2025-03-31
Critical

CVE-2025-22938

Adtran 411 ONT L80.00.0011.M2 was discovered to contain weak default passwords.

CVSS: 9.8 CWE: CWE-1393
Read more
2025-02-11
High

CVE-2024-54015

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.90), SIPROTEC 5 6MD85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD86 (CP300) (All versions >= V8.80 < V9.…

CVSS: 7.5 CWE: CWE-1392
Read more