CWE-1393
32 CVEs classified under CWE-1393. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-26701 | Critical | 10.0 | 2025-03-11 | An issue was discovered in Percona PMM Server (OVA) before 3.0.0-1.ova. The default service account credentials can lead to SSH access, use of Sudo to root, an… |
CVE-2024-51555 | Critical | 10.0 | 2024-12-05 | Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the install… |
CVE-2026-35075 | Critical | 9.8 | 2026-06-03 | An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices. |
CVE-2026-33784 | Critical | 9.8 | 2026-04-09 | A Use of Default Password vulnerability in the Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows an unauthenticated, netw… |
CVE-2026-22886 | Critical | 9.8 | 2026-03-03 | OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires authentication. However, the product ships with a default administrative ac… |
CVE-2026-2635 | Critical | 9.8 | 2026-02-20 | MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installatio… |
CVE-2025-8077 | Critical | 9.8 | 2025-09-17 | A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account… |
CVE-2025-27690 | Critical | 9.8 | 2025-04-10 | Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access coul… |
CVE-2023-45249 | Critical | 9.8 | 2024-07-24 | Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acroni… |
CVE-2023-32090 | Critical | 9.8 | 2023-08-07 | Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials |
CVE-2022-4126 | Critical | 9.6 | 2023-03-27 | Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and Passwords.This issue affects RCCMD: befo… |
CVE-2023-25131 | Critical | 9.4 | 2023-04-24 | Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and… |
CVE-2024-29021 | Critical | 9.1 | 2024-04-18 | Judge0 is an open-source online code execution system. The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server Side Re… |
CVE-2025-2766 | High | 8.8 | 2025-06-06 | 70mai A510 Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affect… |
CVE-2024-49559 | High | 8.8 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Use of Default Password vulnerability. A low privileged attack… |
CVE-2023-28094 | High | 8.1 | 2023-06-22 | Pega platform clients who are using versions 7.4 through 8.8.x and have upgraded from a version prior to 8.x may be utilizing default credentials. |
CVE-2023-43042 | High | 7.5 | 2023-12-14 | IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.3 products use default passwords for a privileged user. IBM X-Force ID… |
CVE-2024-13966 | High | 7.3 | 2025-05-27 | ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value '123456'. Users… |
CVE-2025-14917 | Medium | 6.7 | 2026-03-25 | IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when… |
CVE-2025-2921 | Medium | 6.4 | 2025-03-28 | A vulnerability classified as critical has been found in Netis WF-2404 1.1.124EN. Affected is an unknown function of the file /etc/passwd. The manipulation wit… |