Common Weakness Enumeration

CWE-1392

Allowed

Use of Default Credentials

Abstraction: Base · Status: Incomplete

The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

191 vulnerabilities reference this CWE, most recent first.

GHSA-J48F-GJX4-8G9F

Vulnerability from github – Published: 2026-02-27 18:31 – Updated: 2026-02-27 18:31
VLAI
Details

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement to gain full administrative control of the device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-27751"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-27T18:16:12Z",
    "severity": "CRITICAL"
  },
  "details": "SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement to gain full administrative control of the device.",
  "id": "GHSA-j48f-gjx4-8g9f",
  "modified": "2026-02-27T18:31:06Z",
  "published": "2026-02-27T18:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27751"
    },
    {
      "type": "WEB",
      "url": "https://www.sodola-network.com/products/sodola-6-port-2-5g-easy-web-managed-switch-4-x-2-5g-base-t-ports-2-x-10g-sfp-static-aggregation-qos-vlan-igmp-2-5gb-network-home-lab-switch"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/sodola-sl902-swtgw124as-use-of-default-credentials"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-J8XR-3XQM-72RH

Vulnerability from github – Published: 2026-02-12 18:30 – Updated: 2026-02-12 18:30
VLAI
Details

BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 use a default password that is guessable with knowledge of the device information. The latest release fixes this issue for new installations; users of old installations are encouraged to change all default passwords.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-54756"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-12T17:16:04Z",
    "severity": "HIGH"
  },
  "details": "BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or \nseries 5 prior to v9.0.166 use a default password that is guessable with\n knowledge of the device information. The latest release fixes this \nissue for new installations; users of old installations are encouraged \nto change all default passwords.",
  "id": "GHSA-j8xr-3xqm-72rh",
  "modified": "2026-02-12T18:30:23Z",
  "published": "2026-02-12T18:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54756"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-126-03.json"
    },
    {
      "type": "WEB",
      "url": "https://www.brightsign.biz/resources/software-downloads"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-126-03"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-JF2Q-Q2V4-H63R

Vulnerability from github – Published: 2024-10-28 18:31 – Updated: 2024-10-28 18:31
VLAI
Details

Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 2022 Maruti Suzuki Brezza in India Market.

This issue affects SmartPlay: 66T0.05.50.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6245"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-28T17:15:04Z",
    "severity": "MODERATE"
  },
  "details": "Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 2022 Maruti Suzuki Brezza in India Market.\n\nThis issue affects SmartPlay: 66T0.05.50.",
  "id": "GHSA-jf2q-q2v4-h63r",
  "modified": "2024-10-28T18:31:42Z",
  "published": "2024-10-28T18:31:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6245"
    },
    {
      "type": "WEB",
      "url": "https://www.global-infotainment-system.com/en/top.html"
    },
    {
      "type": "WEB",
      "url": "https://www.marutisuzuki.com/corporate/technology/smartplay-systems"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M242-FCX4-2H8F

Vulnerability from github – Published: 2026-07-08 18:31 – Updated: 2026-07-08 18:31
VLAI
Details

IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-3144"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-08T16:16:28Z",
    "severity": "HIGH"
  },
  "details": "IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update.",
  "id": "GHSA-m242-fcx4-2h8f",
  "modified": "2026-07-08T18:31:35Z",
  "published": "2026-07-08T18:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3144"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7278909"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M5H2-R64R-63JH

Vulnerability from github – Published: 2025-09-09 21:30 – Updated: 2025-09-09 21:30
VLAI
Details

CWE-1392: Use of Default Credentials

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-55051"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-09T19:15:54Z",
    "severity": "CRITICAL"
  },
  "details": "CWE-1392: Use of Default Credentials",
  "id": "GHSA-m5h2-r64r-63jh",
  "modified": "2025-09-09T21:30:27Z",
  "published": "2025-09-09T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55051"
    },
    {
      "type": "WEB",
      "url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MMH3-9RWX-PCH9

Vulnerability from github – Published: 2026-01-23 12:30 – Updated: 2026-01-23 12:30
VLAI
Details

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Use of Default Credentials vulnerability in the OS. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-22273"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-23T10:15:53Z",
    "severity": "HIGH"
  },
  "details": "Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Use of Default Credentials vulnerability in the OS. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.",
  "id": "GHSA-mmh3-9rwx-pch9",
  "modified": "2026-01-23T12:30:28Z",
  "published": "2026-01-23T12:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22273"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000415880/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P24J-PHQW-PQF4

Vulnerability from github – Published: 2023-09-03 15:30 – Updated: 2024-04-04 07:22
VLAI
Details

Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3703"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-03T15:15:14Z",
    "severity": "CRITICAL"
  },
  "details": "\n\n\n\n\n\n\n\n\nProscend Advice ICR Series routers FW version 1.76\u00a0- CWE-1392: Use of Default Credentials",
  "id": "GHSA-p24j-phqw-pqf4",
  "modified": "2024-04-04T07:22:52Z",
  "published": "2023-09-03T15:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3703"
    },
    {
      "type": "WEB",
      "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P3M3-2JC5-VVP6

Vulnerability from github – Published: 2026-06-02 15:32 – Updated: 2026-06-02 15:32
VLAI
Details

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-9844"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-02T14:17:14Z",
    "severity": "HIGH"
  },
  "details": "Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords.\u00a0This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1.",
  "id": "GHSA-p3m3-2jc5-vvp6",
  "modified": "2026-06-02T15:32:13Z",
  "published": "2026-06-02T15:32:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9844"
    },
    {
      "type": "WEB",
      "url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:M/U:Green",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-P4CH-HVFQ-QQQ4

Vulnerability from github – Published: 2026-03-06 00:31 – Updated: 2026-03-06 00:31
VLAI
Details

Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-28713"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-06T00:16:11Z",
    "severity": "HIGH"
  },
  "details": "Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.",
  "id": "GHSA-p4ch-hvfq-qqq4",
  "modified": "2026-03-06T00:31:35Z",
  "published": "2026-03-06T00:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28713"
    },
    {
      "type": "WEB",
      "url": "https://security-advisory.acronis.com/advisories/SEC-4168"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P4V2-9GRQ-VM24

Vulnerability from github – Published: 2025-12-04 15:30 – Updated: 2025-12-05 21:30
VLAI
Details

The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default credentials; however, a password change policy for default administrative accounts is not enforced. Many deployments may retain default credentials, in which case an attacker is likely to be able to successfully authenticate with administrative privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-54303"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1392"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-04T15:15:58Z",
    "severity": "CRITICAL"
  },
  "details": "The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default credentials; however, a password change policy for default administrative accounts is not enforced. Many deployments may retain default credentials, in which case an attacker is likely to be able to successfully authenticate with administrative privileges.",
  "id": "GHSA-p4v2-9grq-vm24",
  "modified": "2025-12-05T21:30:22Z",
  "published": "2025-12-04T15:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54303"
    },
    {
      "type": "WEB",
      "url": "https://assets.thermofisher.com/TFS-Assets/LSG/manuals/MAN0026163-Torrent-Suite-5.18-UG.pdf"
    },
    {
      "type": "WEB",
      "url": "https://documents.thermofisher.com/TFS-Assets/CORP/Product-Guides/Ion_OneTouch_2_and_Torrent_Suite_Software.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.thermofisher.com/us/en/home/life-science/sequencing/next-generation-sequencing/ion-torrent-next-generation-sequencing-workflow/ion-torrent-next-generation-sequencing-data-analysis-workflow/ion-torrent-suite-software.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Requirements

Prohibit use of default, hard-coded, or other values that do not vary for each installation of the product - especially for separate organizations.

Mitigation
Architecture and Design

Force the administrator to change the credential upon installation.

Mitigation
Installation Operation

The product administrator could change the defaults upon installation or during operation.

No CAPEC attack patterns related to this CWE.