Description
The product uses default passwords for potentially critical functionality.
Extended Description
It is common practice for products to be designed to use default passwords for authentication. The rationale is to simplify the manufacturing process or the system administrator's task of installation and deployment into an enterprise. However, if admins do not change the defaults, then it makes it easier for attackers to quickly bypass authentication across multiple organizations. There are many lists of default passwords and default-password scanning tools that are easily available from the World Wide Web.
CVE vulnerabilities with CWE-1393 (40)
10.0
CVSS
CRITICAL
CVE-2025-26701
pub. 2025-03-11
9.8
CVSS
CRITICAL
CVE-2026-22886
pub. 2026-03-03
9.8
CVSS
CRITICAL
CVE-2025-8077
pub. 2025-09-17
9.8
CVSS
CRITICAL
CVE-2025-27690
pub. 2025-04-10
9.8
CVSS
CRITICAL
CVE-2025-22938
pub. 2025-03-31
9.8
CVSS
CRITICAL
CVE-2024-50588
pub. 2024-11-08
9.8
CVSS
CRITICAL
CVE-2023-45249
pub. 2024-07-24🚩 CISA KEV⚡ EXPLOIT
9.8
CVSS
CRITICAL
CVE-2024-30802
pub. 2024-05-14
9.8
CVSS
CRITICAL
CVE-2024-29666
pub. 2024-03-25
9.8
CVSS
CRITICAL
CVE-2023-24049
pub. 2023-12-04
9.8
CVSS
CRITICAL
CVE-2023-32090
pub. 2023-08-07
9.6
CVSS
CRITICAL
CVE-2022-4126
pub. 2023-03-27
9.4
CVSS
CRITICAL
CVE-2026-4404
pub. 2026-03-23
9.4
CVSS
CRITICAL
CVE-2023-25131
pub. 2023-04-24
9.3
CVSS
CRITICAL
CVE-2026-35075
pub. 2026-06-03
9.3
CVSS
CRITICAL
CVE-2026-33784
pub. 2026-04-09
9.3
CVSS
CRITICAL
CVE-2026-24429
pub. 2026-01-26
9.3
CVSS
CRITICAL
CVE-2025-66050
pub. 2026-01-09
9.3
CVSS
CRITICAL
CVE-2025-26793
pub. 2025-02-15
9.3
CVSS
CRITICAL
CVE-2024-51555
pub. 2024-12-05
Showing 20 of 40 vulnerabilities