By weakness (CWE)
CWE-798: related vulnerabilities
CVEs classified under CWE-798. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
5 published vulnerabilities
- CVE-2019-25722HIGH 7.6
Dräger's patient monitoring devices contain hard-coded login credentials embedded in their source code and are vulnerable to denial-of-service attacks via malformed network packets. An attacker with physical access can use these credentials to gain unauthorized entry and reconfigure clinical settings. A remote attacker can crash the devices repeatedly, severing network connectivity and interrupting patient monitoring—a particularly serious concern in hospital environments where continuous surveillance is critical to patient care.
- CVE-2026-36606HIGH 7.1
Mercusys AC12G (EU) V1 routers running firmware version AC12G(EU)_V1_200909 store backup files that are encrypted with a hardcoded, publicly discoverable key using weak encryption. Anyone who obtains a backup file—whether through direct device access, cloud storage misconfiguration, or phishing—can decrypt it and extract sensitive credentials including the admin password, WiFi pre-shared key, and DDNS login information. This is a local attack that depends on an attacker first gaining access to the backup file itself.
- CVE-2026-25600MEDIUM 6.4
PDBM application contains a critical cryptographic weakness: a single hard-coded encryption secret embedded in the executable file that is identical across all installations. This secret is used to encrypt and decrypt user credentials stored in the application's configuration files. An attacker with local system access can extract this secret from the PDBM.exe binary, then use it to decrypt stored administrative credentials. Because the default configuration assigns these credentials administrative privileges within PDBM, successful exploitation grants attackers complete control over the application's management functions and operational capabilities.
- CVE-2026-21404MEDIUM 6.3
NAVTOR NavBox versions up to 4.16.1.20 contain hard-coded credentials embedded in its SOAP (Windows Communication Foundation) implementation. When SOAP functionality is enabled, a local user with basic system access can extract these credentials, authenticate to the SOAP interface, and gain unauthorized access to privileged methods that allow arbitrary file write and overwrite operations on the system. This vulnerability requires local access to trigger but bypasses intended security workflows entirely.
- CVE-2026-36616MEDIUM 5.9
Mercusys AC12G (EU) V1 routers contain hardcoded credentials baked directly into the firmware. A researcher can extract a WiFi driver password, RADIUS shared secret, WPS test key, and default network password from the device's production binary. This allows someone with network access to bypass WiFi protections and potentially reach internal network resources, though the attack requires being within radio range and some technical effort to extract and use these credentials.