CWE-259
2 CVEs of this weakness class.
- CVE-2024-38885HIGH 7.5Real · low riskEPSS 1%
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application.
- CVE-2024-35395HIGH 8.8Real · low riskEPSS 0%
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.