CWE-1391
Allowed-with-ReviewUse of Weak Credentials
Abstraction: Class · Status: Incomplete
The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.
98 vulnerabilities reference this CWE, most recent first.
GHSA-QM85-XHQ4-W756
Vulnerability from github – Published: 2025-10-27 12:32 – Updated: 2025-10-27 12:32The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.
{
"affected": [],
"aliases": [
"CVE-2025-59460"
],
"database_specific": {
"cwe_ids": [
"CWE-1391"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-27T11:15:40Z",
"severity": "HIGH"
},
"details": "The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.",
"id": "GHSA-qm85-xhq4-w756",
"modified": "2025-10-27T12:32:52Z",
"published": "2025-10-27T12:32:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59460"
},
{
"type": "WEB",
"url": "https://sick.com/psirt"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"type": "WEB",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"type": "WEB",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json"
},
{
"type": "WEB",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf"
},
{
"type": "WEB",
"url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QMWG-P2M2-4R2X
Vulnerability from github – Published: 2025-07-22 18:30 – Updated: 2025-11-25 18:32Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe.
This issue affects the following versions :
- Devolutions Server 2025.2.2.0 through 2025.2.3.0
- Devolutions Server 2025.1.11.0 and earlier
{
"affected": [],
"aliases": [
"CVE-2025-6523"
],
"database_specific": {
"cwe_ids": [
"CWE-1391"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-22T17:15:33Z",
"severity": "HIGH"
},
"details": "Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe.\n\nThis issue affects the following versions :\n\n * Devolutions Server 2025.2.2.0 through 2025.2.3.0\n * \nDevolutions Server 2025.1.11.0 and earlier",
"id": "GHSA-qmwg-p2m2-4r2x",
"modified": "2025-11-25T18:32:18Z",
"published": "2025-07-22T18:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6523"
},
{
"type": "WEB",
"url": "https://devolutions.net/security/advisories/DEVO-2025-0012"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R7VJ-FFGG-6JJ4
Vulnerability from github – Published: 2026-03-19 18:31 – Updated: 2026-03-24 03:31Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass and full device access.
{
"affected": [],
"aliases": [
"CVE-2025-67114"
],
"database_specific": {
"cwe_ids": [
"CWE-1391"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-19T18:16:15Z",
"severity": "CRITICAL"
},
"details": "Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device\u0027s MAC address, enabling authentication bypass and full device access.",
"id": "GHSA-r7vj-ffgg-6jj4",
"modified": "2026-03-24T03:31:19Z",
"published": "2026-03-19T18:31:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67114"
},
{
"type": "WEB",
"url": "https://fcc.report/FCC-ID/P27-SCE4255W/4790935.pdf"
},
{
"type": "WEB",
"url": "https://freedomfi.com/index.html"
},
{
"type": "WEB",
"url": "https://neroteam.com/blog/freedomfi-sercomm-sce4255w-englewood"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RHFH-GM98-5FX4
Vulnerability from github – Published: 2023-07-06 21:15 – Updated: 2024-09-19 15:30Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Privilege Escalation.This issue affects ASPECT®-Enterprise: from 3.0;0 before 3.07.01; NEXUS Series: from 3.0;0 before 3.07.01; MATRIX Series: from 3.0;0 before 3.07.01.
{
"affected": [],
"aliases": [
"CVE-2023-0635"
],
"database_specific": {
"cwe_ids": [
"CWE-1391",
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-05T04:15:09Z",
"severity": "CRITICAL"
},
"details": "Improper Privilege Management vulnerability in ABB Ltd. ASPECT\u00ae-Enterprise on ASPECT\u00ae-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Privilege Escalation.This issue affects ASPECT\u00ae-Enterprise: from 3.0;0 before 3.07.01; NEXUS Series: from 3.0;0 before 3.07.01; MATRIX Series: from 3.0;0 before 3.07.01.\n\n",
"id": "GHSA-rhfh-gm98-5fx4",
"modified": "2024-09-19T15:30:47Z",
"published": "2023-07-06T21:15:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0635"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2CKA000073B5403\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RHJX-JWV4-JJ63
Vulnerability from github – Published: 2024-08-12 21:31 – Updated: 2024-08-21 18:31A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely).
{
"affected": [],
"aliases": [
"CVE-2024-40892"
],
"database_specific": {
"cwe_ids": [
"CWE-1391"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-12T19:15:16Z",
"severity": "HIGH"
},
"details": "A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely).",
"id": "GHSA-rhjx-jwv4-jj63",
"modified": "2024-08-21T18:31:27Z",
"published": "2024-08-12T21:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40892"
},
{
"type": "WEB",
"url": "https://vulncheck.com/advisories/firewalla-bt-weak-credentials"
},
{
"type": "WEB",
"url": "https://www.labs.greynoise.io/grimoire/2024-08-20-bluuid-firewalla"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V47R-MPM7-6768
Vulnerability from github – Published: 2024-10-23 00:31 – Updated: 2024-10-23 00:31Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system.
{
"affected": [],
"aliases": [
"CVE-2024-43698"
],
"database_specific": {
"cwe_ids": [
"CWE-1391"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-22T22:15:04Z",
"severity": "CRITICAL"
},
"details": "Kieback \u0026 Peter\u0027s DDC4000 series\u00a0uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system.",
"id": "GHSA-v47r-mpm7-6768",
"modified": "2024-10-23T00:31:44Z",
"published": "2024-10-23T00:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43698"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-05"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-VQ59-JW46-8PM8
Vulnerability from github – Published: 2024-12-06 21:30 – Updated: 2024-12-06 21:30Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials.
{
"affected": [],
"aliases": [
"CVE-2024-45722"
],
"database_specific": {
"cwe_ids": [
"CWE-1391"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-06T19:15:12Z",
"severity": "HIGH"
},
"details": "Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials.",
"id": "GHSA-vq59-jw46-8pm8",
"modified": "2024-12-06T21:30:39Z",
"published": "2024-12-06T21:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45722"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-VW9V-5H73-96PW
Vulnerability from github – Published: 2024-01-10 15:30 – Updated: 2024-01-10 15:30The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by unauthenticated users, by accessing already-exported backup packages, or crafting an import package and inducing an authenticated victim into sending the HTTP upload request.
{
"affected": [],
"aliases": [
"CVE-2023-48257"
],
"database_specific": {
"cwe_ids": [
"CWE-1391",
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-10T13:15:46Z",
"severity": "HIGH"
},
"details": "The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by unauthenticated users, by accessing already-exported backup packages, or crafting an import package and inducing an authenticated victim into sending the HTTP upload request.",
"id": "GHSA-vw9v-5h73-96pw",
"modified": "2024-01-10T15:30:19Z",
"published": "2024-01-10T15:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48257"
},
{
"type": "WEB",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W4Q5-WVRC-8PX6
Vulnerability from github – Published: 2025-08-07 06:30 – Updated: 2025-08-07 06:30On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege.
{
"affected": [],
"aliases": [
"CVE-2025-35970"
],
"database_specific": {
"cwe_ids": [
"CWE-1391"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-07T06:15:42Z",
"severity": "HIGH"
},
"details": "On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege.",
"id": "GHSA-w4q5-wvrc-8px6",
"modified": "2025-08-07T06:30:30Z",
"published": "2025-08-07T06:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35970"
},
{
"type": "WEB",
"url": "https://global.fujifilm.com/en/news/hq/697e"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU91363496"
},
{
"type": "WEB",
"url": "https://www.epson.jp/support/misc_t/250807_oshirase.htm"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-W9XJ-7XH9-MQ78
Vulnerability from github – Published: 2023-05-23 00:30 – Updated: 2024-04-04 04:17The affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac address and login as admin.
{
"affected": [],
"aliases": [
"CVE-2022-46738"
],
"database_specific": {
"cwe_ids": [
"CWE-1391"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-22T23:15:09Z",
"severity": "CRITICAL"
},
"details": "The affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac address and login as admin.",
"id": "GHSA-w9xj-7xh9-mq78",
"modified": "2024-04-04T04:17:04Z",
"published": "2023-05-23T00:30:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46738"
},
{
"type": "WEB",
"url": "https://dataprobe.com/support/iboot-pdu/local_upgrade_pdu_procedure.pdf"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-263-03"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
Mitigation
When the user changes or sets a password, check the password against a database of already compromised or breached passwords. These passwords are likely to be used in password guessing attacks.
No CAPEC attack patterns related to this CWE.