Common Weakness Enumeration

CWE-1391

Allowed-with-Review

Use of Weak Credentials

Abstraction: Class · Status: Incomplete

The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.

98 vulnerabilities reference this CWE, most recent first.

GHSA-QM85-XHQ4-W756

Vulnerability from github – Published: 2025-10-27 12:32 – Updated: 2025-10-27 12:32
VLAI
Details

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-59460"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-27T11:15:40Z",
    "severity": "HIGH"
  },
  "details": "The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.",
  "id": "GHSA-qm85-xhq4-w756",
  "modified": "2025-10-27T12:32:52Z",
  "published": "2025-10-27T12:32:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59460"
    },
    {
      "type": "WEB",
      "url": "https://sick.com/psirt"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
    },
    {
      "type": "WEB",
      "url": "https://www.first.org/cvss/calculator/3.1"
    },
    {
      "type": "WEB",
      "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json"
    },
    {
      "type": "WEB",
      "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QMWG-P2M2-4R2X

Vulnerability from github – Published: 2025-07-22 18:30 – Updated: 2025-11-25 18:32
VLAI
Details

Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe.

This issue affects the following versions :

  • Devolutions Server 2025.2.2.0 through 2025.2.3.0
  • Devolutions Server 2025.1.11.0 and earlier
Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-6523"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-22T17:15:33Z",
    "severity": "HIGH"
  },
  "details": "Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe.\n\nThis issue affects the following versions :\n\n  *  Devolutions Server 2025.2.2.0 through 2025.2.3.0\n  *  \nDevolutions Server 2025.1.11.0 and earlier",
  "id": "GHSA-qmwg-p2m2-4r2x",
  "modified": "2025-11-25T18:32:18Z",
  "published": "2025-07-22T18:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6523"
    },
    {
      "type": "WEB",
      "url": "https://devolutions.net/security/advisories/DEVO-2025-0012"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-R7VJ-FFGG-6JJ4

Vulnerability from github – Published: 2026-03-19 18:31 – Updated: 2026-03-24 03:31
VLAI
Details

Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass and full device access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-67114"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-19T18:16:15Z",
    "severity": "CRITICAL"
  },
  "details": "Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device\u0027s MAC address, enabling authentication bypass and full device access.",
  "id": "GHSA-r7vj-ffgg-6jj4",
  "modified": "2026-03-24T03:31:19Z",
  "published": "2026-03-19T18:31:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67114"
    },
    {
      "type": "WEB",
      "url": "https://fcc.report/FCC-ID/P27-SCE4255W/4790935.pdf"
    },
    {
      "type": "WEB",
      "url": "https://freedomfi.com/index.html"
    },
    {
      "type": "WEB",
      "url": "https://neroteam.com/blog/freedomfi-sercomm-sce4255w-englewood"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RHFH-GM98-5FX4

Vulnerability from github – Published: 2023-07-06 21:15 – Updated: 2024-09-19 15:30
VLAI
Details

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Privilege Escalation.This issue affects ASPECT®-Enterprise: from 3.0;0 before 3.07.01; NEXUS Series: from 3.0;0 before 3.07.01; MATRIX Series: from 3.0;0 before 3.07.01.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0635"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391",
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-05T04:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "Improper Privilege Management vulnerability in ABB Ltd. ASPECT\u00ae-Enterprise on ASPECT\u00ae-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Privilege Escalation.This issue affects ASPECT\u00ae-Enterprise: from 3.0;0 before 3.07.01; NEXUS Series: from 3.0;0 before 3.07.01; MATRIX Series: from 3.0;0 before 3.07.01.\n\n",
  "id": "GHSA-rhfh-gm98-5fx4",
  "modified": "2024-09-19T15:30:47Z",
  "published": "2023-07-06T21:15:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0635"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=2CKA000073B5403\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RHJX-JWV4-JJ63

Vulnerability from github – Published: 2024-08-12 21:31 – Updated: 2024-08-21 18:31
VLAI
Details

A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-40892"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-12T19:15:16Z",
    "severity": "HIGH"
  },
  "details": "A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely).",
  "id": "GHSA-rhjx-jwv4-jj63",
  "modified": "2024-08-21T18:31:27Z",
  "published": "2024-08-12T21:31:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40892"
    },
    {
      "type": "WEB",
      "url": "https://vulncheck.com/advisories/firewalla-bt-weak-credentials"
    },
    {
      "type": "WEB",
      "url": "https://www.labs.greynoise.io/grimoire/2024-08-20-bluuid-firewalla"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V47R-MPM7-6768

Vulnerability from github – Published: 2024-10-23 00:31 – Updated: 2024-10-23 00:31
VLAI
Details

Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-43698"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-22T22:15:04Z",
    "severity": "CRITICAL"
  },
  "details": "Kieback \u0026 Peter\u0027s DDC4000 series\u00a0uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system.",
  "id": "GHSA-v47r-mpm7-6768",
  "modified": "2024-10-23T00:31:44Z",
  "published": "2024-10-23T00:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43698"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-05"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-VQ59-JW46-8PM8

Vulnerability from github – Published: 2024-12-06 21:30 – Updated: 2024-12-06 21:30
VLAI
Details

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45722"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-06T19:15:12Z",
    "severity": "HIGH"
  },
  "details": "Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials.",
  "id": "GHSA-vq59-jw46-8pm8",
  "modified": "2024-12-06T21:30:39Z",
  "published": "2024-12-06T21:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45722"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-VW9V-5H73-96PW

Vulnerability from github – Published: 2024-01-10 15:30 – Updated: 2024-01-10 15:30
VLAI
Details

The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by unauthenticated users, by accessing already-exported backup packages, or crafting an import package and inducing an authenticated victim into sending the HTTP upload request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-48257"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391",
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-10T13:15:46Z",
    "severity": "HIGH"
  },
  "details": "The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by unauthenticated users, by accessing already-exported backup packages, or crafting an import package and inducing an authenticated victim into sending the HTTP upload request.",
  "id": "GHSA-vw9v-5h73-96pw",
  "modified": "2024-01-10T15:30:19Z",
  "published": "2024-01-10T15:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48257"
    },
    {
      "type": "WEB",
      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W4Q5-WVRC-8PX6

Vulnerability from github – Published: 2025-08-07 06:30 – Updated: 2025-08-07 06:30
VLAI
Details

On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-35970"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-07T06:15:42Z",
    "severity": "HIGH"
  },
  "details": "On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege.",
  "id": "GHSA-w4q5-wvrc-8px6",
  "modified": "2025-08-07T06:30:30Z",
  "published": "2025-08-07T06:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35970"
    },
    {
      "type": "WEB",
      "url": "https://global.fujifilm.com/en/news/hq/697e"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU91363496"
    },
    {
      "type": "WEB",
      "url": "https://www.epson.jp/support/misc_t/250807_oshirase.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-W9XJ-7XH9-MQ78

Vulnerability from github – Published: 2023-05-23 00:30 – Updated: 2024-04-04 04:17
VLAI
Details

The affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac address and login as admin.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-46738"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-22T23:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "The affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac address and login as admin.",
  "id": "GHSA-w9xj-7xh9-mq78",
  "modified": "2024-04-04T04:17:04Z",
  "published": "2023-05-23T00:30:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46738"
    },
    {
      "type": "WEB",
      "url": "https://dataprobe.com/support/iboot-pdu/local_upgrade_pdu_procedure.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-263-03"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Operation

When the user changes or sets a password, check the password against a database of already compromised or breached passwords. These passwords are likely to be used in password guessing attacks.

No CAPEC attack patterns related to this CWE.