Skip to main content

CWE-521

Weak Password Requirements

193 CVEs Avg CVSS 7.7 MITRE
71
CRITICAL
61
HIGH
46
MEDIUM
15
LOW
68
POC
0
KEV

Monthly

CVE-2026-35097 MEDIUM PATCH This Month

KTM System e-BOK enforces a system-wide password policy that restricts all user credentials to exactly six numeric digits, prohibiting alphabetic, special, or extended characters and producing a maximum keyspace of only 1,000,000 possible values (10^6). This CWE-521 (Weak Password Requirements) flaw enables remote unauthenticated brute-force attacks against any customer account, as confirmed by the CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N). No public exploit code or CISA KEV listing exists, but the trivial keyspace means no specialized tooling is required - standard credential automation suffices. CERT-PL reported the issue; a vendor patch was published in June 2026.

Brute Force Information Disclosure E Bok
NVD VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2026-11493 LOW POC Monitor

Weak password requirements in the Samba service of Tenda AC15 firmware 15.03.05.19 expose SMB file-sharing functionality to brute-force attacks from adjacent-network attackers. The flaw originates in the /etc_ro/smb.conf configuration, which enforces insufficient password complexity, enabling unauthenticated local-network adversaries to guess or brute-force credentials and achieve limited confidentiality, integrity, and availability impact. Publicly available exploit code exists, though the high attack complexity (AC:H) and adjacency requirement (AV:A) constrain realistic exploitation to targeted, in-person or LAN-positioned threat actors.

Tenda Information Disclosure Brute Force
NVD VulDB
CVSS 4.0
1.3
EPSS
0.1%
CVE-2024-40684 MEDIUM This Month

IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Brute Force IBM
NVD VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-9394 LOW Monitor

Weak password requirements in the Bluetooth Low Energy (BLE) handler of the Besen BS20 EV Charging Station (firmware up to 20260426) expose the device to credential brute-forcing from adjacent-network attackers within Bluetooth range. The flaw, catalogued under CWE-521, results in limited confidentiality impact (VC:L in CVSS 4.0) with no integrity or availability consequences, yielding an overall CVSS 4.0 score of 1.3. Publicly available exploit code exists (E:P in CVSS vector, GitHub PoC at carfeii/besen), though EPSS sits at 0.01% (2nd percentile), and no active exploitation has been confirmed by CISA KEV. Besen acknowledged the report as of April 2026 but no patched firmware version has been released.

Information Disclosure Brute Force Bs20 Ev Charging Station
NVD VulDB GitHub
CVSS 4.0
1.3
EPSS
0.0%
CVE-2026-41038 HIGH This Week

Weak password policy enforcement in Quantum Networks router QN-I-470 version 6.1.1.B1 enables adjacent network attackers to gain unauthorized administrative access through password brute-force attacks. CVSS 7.6 reflects adjacent network requirement (AV:A) and high complexity (AC:H), limiting exploitation to attackers already on the local network segment. No active exploitation confirmed (not in CISA KEV), but authentication bypass via brute-force is a well-understood attack primitive requiring only network proximity and time.

Authentication Bypass Brute Force
NVD
CVSS 4.0
7.6
EPSS
0.0%
CVE-2026-6284 CRITICAL CISA Emergency

Brute force password attacks against Horner Automation XL4/XL7 PLCs and Cscape software allow remote unauthenticated attackers to gain unauthorized administrative access via network connections. Weak password policies (limited complexity requirements) combined with absent rate limiting enable systematic credential enumeration. CVSS 9.1 (Critical) reflects network-accessible attack with no authentication required. CISA ICS-CERT advisory confirms vulnerability in operational technology environments where PLCs control industrial processes.

Authentication Bypass Brute Force
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-33771 CRITICAL Act Now

Juniper Networks CTP OS 9.2R1 and 9.2R2 fail to persist password complexity settings, enabling unauthenticated attackers to exploit predictable weak passwords on local accounts. The password management function allows administrators to configure complexity requirements but does not save these configurations, verifiable through 'Show password requirements' menu. This defect permits trivial passwords that attackers can brute-force remotely to gain full device control. No public exploit identified at time of analysis.

Authentication Bypass Juniper Brute Force Ctop Os
NVD VulDB
CVSS 4.0
9.1
EPSS
0.0%
CVE-2026-34203 PyPI LOW PATCH GHSA Monitor

Nautobot REST API user creation and modification endpoints bypass Django's configured password validation rules, allowing authenticated administrators to set or modify user passwords that fail to meet organizational security standards. Versions prior to 2.4.30 and 3.0.10 are affected; an authenticated admin with high privileges can create accounts with weak passwords despite configured AUTH_PASSWORD_VALIDATORS rules. CVSS score is 2.7 (low severity) due to requirement for authenticated administrative access; however, organizations with strict password policies relying on Nautobot's config-driven enforcement face integrity risk.

Python Brute Force Information Disclosure
NVD GitHub
CVSS 3.1
2.7
EPSS
0.0%
CVE-2025-55269 MEDIUM This Month

HCL Aftermarket DPC version 1.0.0 enforces weak password policies that enable attackers to conduct brute-force attacks and guess user credentials, potentially gaining unauthorized account access with low confidentiality and availability impact. The vulnerability requires user interaction and high attack complexity to exploit, but affects unauthenticated threat actors over the network. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass Aftermarket Dpc
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-27575 Go CRITICAL POC Act Now

Weak password policy in Vikunja task management before 2.0.0 allows users to set trivially guessable passwords. PoC available.

Information Disclosure Vikunja Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

KTM System e-BOK enforces a system-wide password policy that restricts all user credentials to exactly six numeric digits, prohibiting alphabetic, special, or extended characters and producing a maximum keyspace of only 1,000,000 possible values (10^6). This CWE-521 (Weak Password Requirements) flaw enables remote unauthenticated brute-force attacks against any customer account, as confirmed by the CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N). No public exploit code or CISA KEV listing exists, but the trivial keyspace means no specialized tooling is required - standard credential automation suffices. CERT-PL reported the issue; a vendor patch was published in June 2026.

Brute Force Information Disclosure E Bok
NVD VulDB
EPSS 0% CVSS 1.3
LOW POC Monitor

Weak password requirements in the Samba service of Tenda AC15 firmware 15.03.05.19 expose SMB file-sharing functionality to brute-force attacks from adjacent-network attackers. The flaw originates in the /etc_ro/smb.conf configuration, which enforces insufficient password complexity, enabling unauthenticated local-network adversaries to guess or brute-force credentials and achieve limited confidentiality, integrity, and availability impact. Publicly available exploit code exists, though the high attack complexity (AC:H) and adjacency requirement (AV:A) constrain realistic exploitation to targeted, in-person or LAN-positioned threat actors.

Tenda Information Disclosure Brute Force
NVD VulDB
EPSS 0% CVSS 5.9
MEDIUM This Month

IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Brute Force IBM
NVD VulDB
EPSS 0% CVSS 1.3
LOW Monitor

Weak password requirements in the Bluetooth Low Energy (BLE) handler of the Besen BS20 EV Charging Station (firmware up to 20260426) expose the device to credential brute-forcing from adjacent-network attackers within Bluetooth range. The flaw, catalogued under CWE-521, results in limited confidentiality impact (VC:L in CVSS 4.0) with no integrity or availability consequences, yielding an overall CVSS 4.0 score of 1.3. Publicly available exploit code exists (E:P in CVSS vector, GitHub PoC at carfeii/besen), though EPSS sits at 0.01% (2nd percentile), and no active exploitation has been confirmed by CISA KEV. Besen acknowledged the report as of April 2026 but no patched firmware version has been released.

Information Disclosure Brute Force Bs20 Ev Charging Station
NVD VulDB GitHub
EPSS 0% CVSS 7.6
HIGH This Week

Weak password policy enforcement in Quantum Networks router QN-I-470 version 6.1.1.B1 enables adjacent network attackers to gain unauthorized administrative access through password brute-force attacks. CVSS 7.6 reflects adjacent network requirement (AV:A) and high complexity (AC:H), limiting exploitation to attackers already on the local network segment. No active exploitation confirmed (not in CISA KEV), but authentication bypass via brute-force is a well-understood attack primitive requiring only network proximity and time.

Authentication Bypass Brute Force
NVD
EPSS 0% CVSS 9.3
CRITICAL Emergency

Brute force password attacks against Horner Automation XL4/XL7 PLCs and Cscape software allow remote unauthenticated attackers to gain unauthorized administrative access via network connections. Weak password policies (limited complexity requirements) combined with absent rate limiting enable systematic credential enumeration. CVSS 9.1 (Critical) reflects network-accessible attack with no authentication required. CISA ICS-CERT advisory confirms vulnerability in operational technology environments where PLCs control industrial processes.

Authentication Bypass Brute Force
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL Act Now

Juniper Networks CTP OS 9.2R1 and 9.2R2 fail to persist password complexity settings, enabling unauthenticated attackers to exploit predictable weak passwords on local accounts. The password management function allows administrators to configure complexity requirements but does not save these configurations, verifiable through 'Show password requirements' menu. This defect permits trivial passwords that attackers can brute-force remotely to gain full device control. No public exploit identified at time of analysis.

Authentication Bypass Juniper Brute Force +1
NVD VulDB
EPSS 0% CVSS 2.7
LOW PATCH Monitor

Nautobot REST API user creation and modification endpoints bypass Django's configured password validation rules, allowing authenticated administrators to set or modify user passwords that fail to meet organizational security standards. Versions prior to 2.4.30 and 3.0.10 are affected; an authenticated admin with high privileges can create accounts with weak passwords despite configured AUTH_PASSWORD_VALIDATORS rules. CVSS score is 2.7 (low severity) due to requirement for authenticated administrative access; however, organizations with strict password policies relying on Nautobot's config-driven enforcement face integrity risk.

Python Brute Force Information Disclosure
NVD GitHub
EPSS 0% CVSS 4.2
MEDIUM This Month

HCL Aftermarket DPC version 1.0.0 enforces weak password policies that enable attackers to conduct brute-force attacks and guess user credentials, potentially gaining unauthorized account access with low confidentiality and availability impact. The vulnerability requires user interaction and high attack complexity to exploit, but affects unauthenticated threat actors over the network. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass Aftermarket Dpc
NVD
EPSS 0% CVSS 9.1
CRITICAL POC Act Now

Weak password policy in Vikunja task management before 2.0.0 allows users to set trivially guessable passwords. PoC available.

Information Disclosure Vikunja Suse
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy