Brute Force
Monthly
KTM System e-BOK enforces a system-wide password policy that restricts all user credentials to exactly six numeric digits, prohibiting alphabetic, special, or extended characters and producing a maximum keyspace of only 1,000,000 possible values (10^6). This CWE-521 (Weak Password Requirements) flaw enables remote unauthenticated brute-force attacks against any customer account, as confirmed by the CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N). No public exploit code or CISA KEV listing exists, but the trivial keyspace means no specialized tooling is required - standard credential automation suffices. CERT-PL reported the issue; a vendor patch was published in June 2026.
Weak password requirements in the Samba service of Tenda AC15 firmware 15.03.05.19 expose SMB file-sharing functionality to brute-force attacks from adjacent-network attackers. The flaw originates in the /etc_ro/smb.conf configuration, which enforces insufficient password complexity, enabling unauthenticated local-network adversaries to guess or brute-force credentials and achieve limited confidentiality, integrity, and availability impact. Publicly available exploit code exists, though the high attack complexity (AC:H) and adjacency requirement (AV:A) constrain realistic exploitation to targeted, in-person or LAN-positioned threat actors.
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Weak password requirements in the Bluetooth Low Energy (BLE) handler of the Besen BS20 EV Charging Station (firmware up to 20260426) expose the device to credential brute-forcing from adjacent-network attackers within Bluetooth range. The flaw, catalogued under CWE-521, results in limited confidentiality impact (VC:L in CVSS 4.0) with no integrity or availability consequences, yielding an overall CVSS 4.0 score of 1.3. Publicly available exploit code exists (E:P in CVSS vector, GitHub PoC at carfeii/besen), though EPSS sits at 0.01% (2nd percentile), and no active exploitation has been confirmed by CISA KEV. Besen acknowledged the report as of April 2026 but no patched firmware version has been released.
Weak password policy enforcement in Quantum Networks router QN-I-470 version 6.1.1.B1 enables adjacent network attackers to gain unauthorized administrative access through password brute-force attacks. CVSS 7.6 reflects adjacent network requirement (AV:A) and high complexity (AC:H), limiting exploitation to attackers already on the local network segment. No active exploitation confirmed (not in CISA KEV), but authentication bypass via brute-force is a well-understood attack primitive requiring only network proximity and time.
Brute force password attacks against Horner Automation XL4/XL7 PLCs and Cscape software allow remote unauthenticated attackers to gain unauthorized administrative access via network connections. Weak password policies (limited complexity requirements) combined with absent rate limiting enable systematic credential enumeration. CVSS 9.1 (Critical) reflects network-accessible attack with no authentication required. CISA ICS-CERT advisory confirms vulnerability in operational technology environments where PLCs control industrial processes.
Juniper Networks CTP OS 9.2R1 and 9.2R2 fail to persist password complexity settings, enabling unauthenticated attackers to exploit predictable weak passwords on local accounts. The password management function allows administrators to configure complexity requirements but does not save these configurations, verifiable through 'Show password requirements' menu. This defect permits trivial passwords that attackers can brute-force remotely to gain full device control. No public exploit identified at time of analysis.
Nautobot REST API user creation and modification endpoints bypass Django's configured password validation rules, allowing authenticated administrators to set or modify user passwords that fail to meet organizational security standards. Versions prior to 2.4.30 and 3.0.10 are affected; an authenticated admin with high privileges can create accounts with weak passwords despite configured AUTH_PASSWORD_VALIDATORS rules. CVSS score is 2.7 (low severity) due to requirement for authenticated administrative access; however, organizations with strict password policies relying on Nautobot's config-driven enforcement face integrity risk.
777Vr1 Firmware versions up to 01.00.09 contains a vulnerability that allows attackers to weak password requirements (CVSS 2.0).
Aion versions up to 2.0 contains a vulnerability that allows attackers to the use of easily guessable passwords, potentially resulting in unauthorized acc (CVSS 3.1).
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
The password change endpoint in Open Source Point of Sale 3.4.1 allows users to set their account password to an empty string due to missing server-side validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
General Industrial Controls Lynx+ Gateway is vulnerable to a weak password requirement vulnerability, which may allow an attacker to execute a brute-force attack resulting in unauthorized access and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Drupal Protected Pages module fails to implement rate limiting on authentication attempts, enabling unauthenticated attackers to conduct brute force attacks against password-protected content. Affected versions include Protected Pages 0.0.0 through 1.7.x and 7.x-1.0 through 7.x-2.4. The vulnerability permits attackers to enumerate valid credentials and bypass access controls through repeated login submissions without detection or throttling mechanisms. No public exploit code or active exploitation has been confirmed; EPSS scoring of 0.05% (15th percentile) indicates low real-world exploitation likelihood despite the moderate CVSS score of 6.5.
Weak password requirements in Mangati NovoSGA up to version 2.2.12 allow remote attackers to bypass password policy validation during user account creation via manipulation of the Senha/Confirmação da senha (password/password confirmation) parameters on the /novosga.users/new endpoint. The vulnerability is difficult to exploit (CVSS AC:H) and offers only low confidentiality impact, but public exploit code is available and enables brute-force attacks against weak user credentials. EPSS score of 0.04% (percentile 12%) indicates limited real-world exploitation likelihood despite CVE publication.
No password for the root user is set in Novakon P series. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
H3C devices running firmware version NX15V100R015 are vulnerable to unauthorized access due to insecure default credentials. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.
A vulnerability has been found in macrozheng mall up to 1.0.3. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in atjiu pybbs up to 6.0.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.
Quantum SuperLoader 3 V94.0 005E.0h devices allow attackers to access the hardcoded fa account because there are only 65536 possible passwords. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak password requirements in Tenda AC18 firmware version 15.03.05.19 allow remote attackers to conduct brute-force attacks against Samba authentication via the /etc_ro/smb.conf configuration file. The vulnerability requires high attack complexity and has been publicly disclosed, though exploitation difficulty remains elevated. CVSS 2.9 and EPSS 0.07% (20th percentile) indicate low real-world risk despite proof-of-concept availability.
Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable brute force attacks. An unauthenticated remote attacker can exploit this with no user interaction to gain full control over the affected system, including confidentiality, integrity, and availability compromise. The CVSS 9.8 severity and network-based attack vector indicate this poses significant risk to any organization running the vulnerable version without additional protective controls.
User enumeration vulnerability affecting web management interfaces where usernames are limited to device identifiers (10-digit numerical values). An unauthenticated remote attacker can enumerate valid user accounts by systematically testing digit sequences, potentially gaining information disclosure and limited system manipulation capabilities. The CVSS 8.6 rating reflects high confidentiality impact, though patch status and active exploitation details require vendor-specific assessment.
Schule is open-source school management system software. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Users who were required to change their password could still access system information before changing their password. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability, which was classified as problematic, has been found in SunGrow Logger1000 01_A. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. No vendor patch available.
Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in Znuny before 7.1.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.
A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
HCL MyXalytics is affected by an improper password policy implementation vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password leakage in the background may lead to unauthorized access, data theft, and network attacks, seriously. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password, possibly allowing attackers to connect to the device via a bruteforce attack. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for Administrator access, possibly allowing attackers to bypass authentication and escalate privileges on the. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The goTenna Pro App uses a weak password for sharing encryption keys via the key broadcast method. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required. No vendor patch available.
The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required. No vendor patch available.
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords that do not conform to defined security standards. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An Unverified Password Change could allow a malicious actor with API access to the device to change the system password without knowing the previous password. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.
The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak passwords. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in Smart Office up to 20240405. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Weak MySQL database root password in LaborOfficeFree affects version 19.10. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Weak MySQL database root password in LaborOfficeFree affects version 19.10. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic.php. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain installation scenarios) because of a non-unique initial system user password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
HCL Compass is vulnerable to insecure password requirements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
There are no requirements for setting a complex password for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline with recommended password guidelines. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cloudexplorer-lite is an open source cloud software stack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong.1.0 through 1.6.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Kiwi TCMS is an open source test management system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
KTM System e-BOK enforces a system-wide password policy that restricts all user credentials to exactly six numeric digits, prohibiting alphabetic, special, or extended characters and producing a maximum keyspace of only 1,000,000 possible values (10^6). This CWE-521 (Weak Password Requirements) flaw enables remote unauthenticated brute-force attacks against any customer account, as confirmed by the CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N). No public exploit code or CISA KEV listing exists, but the trivial keyspace means no specialized tooling is required - standard credential automation suffices. CERT-PL reported the issue; a vendor patch was published in June 2026.
Weak password requirements in the Samba service of Tenda AC15 firmware 15.03.05.19 expose SMB file-sharing functionality to brute-force attacks from adjacent-network attackers. The flaw originates in the /etc_ro/smb.conf configuration, which enforces insufficient password complexity, enabling unauthenticated local-network adversaries to guess or brute-force credentials and achieve limited confidentiality, integrity, and availability impact. Publicly available exploit code exists, though the high attack complexity (AC:H) and adjacency requirement (AV:A) constrain realistic exploitation to targeted, in-person or LAN-positioned threat actors.
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Weak password requirements in the Bluetooth Low Energy (BLE) handler of the Besen BS20 EV Charging Station (firmware up to 20260426) expose the device to credential brute-forcing from adjacent-network attackers within Bluetooth range. The flaw, catalogued under CWE-521, results in limited confidentiality impact (VC:L in CVSS 4.0) with no integrity or availability consequences, yielding an overall CVSS 4.0 score of 1.3. Publicly available exploit code exists (E:P in CVSS vector, GitHub PoC at carfeii/besen), though EPSS sits at 0.01% (2nd percentile), and no active exploitation has been confirmed by CISA KEV. Besen acknowledged the report as of April 2026 but no patched firmware version has been released.
Weak password policy enforcement in Quantum Networks router QN-I-470 version 6.1.1.B1 enables adjacent network attackers to gain unauthorized administrative access through password brute-force attacks. CVSS 7.6 reflects adjacent network requirement (AV:A) and high complexity (AC:H), limiting exploitation to attackers already on the local network segment. No active exploitation confirmed (not in CISA KEV), but authentication bypass via brute-force is a well-understood attack primitive requiring only network proximity and time.
Brute force password attacks against Horner Automation XL4/XL7 PLCs and Cscape software allow remote unauthenticated attackers to gain unauthorized administrative access via network connections. Weak password policies (limited complexity requirements) combined with absent rate limiting enable systematic credential enumeration. CVSS 9.1 (Critical) reflects network-accessible attack with no authentication required. CISA ICS-CERT advisory confirms vulnerability in operational technology environments where PLCs control industrial processes.
Juniper Networks CTP OS 9.2R1 and 9.2R2 fail to persist password complexity settings, enabling unauthenticated attackers to exploit predictable weak passwords on local accounts. The password management function allows administrators to configure complexity requirements but does not save these configurations, verifiable through 'Show password requirements' menu. This defect permits trivial passwords that attackers can brute-force remotely to gain full device control. No public exploit identified at time of analysis.
Nautobot REST API user creation and modification endpoints bypass Django's configured password validation rules, allowing authenticated administrators to set or modify user passwords that fail to meet organizational security standards. Versions prior to 2.4.30 and 3.0.10 are affected; an authenticated admin with high privileges can create accounts with weak passwords despite configured AUTH_PASSWORD_VALIDATORS rules. CVSS score is 2.7 (low severity) due to requirement for authenticated administrative access; however, organizations with strict password policies relying on Nautobot's config-driven enforcement face integrity risk.
777Vr1 Firmware versions up to 01.00.09 contains a vulnerability that allows attackers to weak password requirements (CVSS 2.0).
Aion versions up to 2.0 contains a vulnerability that allows attackers to the use of easily guessable passwords, potentially resulting in unauthorized acc (CVSS 3.1).
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
The password change endpoint in Open Source Point of Sale 3.4.1 allows users to set their account password to an empty string due to missing server-side validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
General Industrial Controls Lynx+ Gateway is vulnerable to a weak password requirement vulnerability, which may allow an attacker to execute a brute-force attack resulting in unauthorized access and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Drupal Protected Pages module fails to implement rate limiting on authentication attempts, enabling unauthenticated attackers to conduct brute force attacks against password-protected content. Affected versions include Protected Pages 0.0.0 through 1.7.x and 7.x-1.0 through 7.x-2.4. The vulnerability permits attackers to enumerate valid credentials and bypass access controls through repeated login submissions without detection or throttling mechanisms. No public exploit code or active exploitation has been confirmed; EPSS scoring of 0.05% (15th percentile) indicates low real-world exploitation likelihood despite the moderate CVSS score of 6.5.
Weak password requirements in Mangati NovoSGA up to version 2.2.12 allow remote attackers to bypass password policy validation during user account creation via manipulation of the Senha/Confirmação da senha (password/password confirmation) parameters on the /novosga.users/new endpoint. The vulnerability is difficult to exploit (CVSS AC:H) and offers only low confidentiality impact, but public exploit code is available and enables brute-force attacks against weak user credentials. EPSS score of 0.04% (percentile 12%) indicates limited real-world exploitation likelihood despite CVE publication.
No password for the root user is set in Novakon P series. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
H3C devices running firmware version NX15V100R015 are vulnerable to unauthorized access due to insecure default credentials. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.
A vulnerability has been found in macrozheng mall up to 1.0.3. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in atjiu pybbs up to 6.0.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.
Quantum SuperLoader 3 V94.0 005E.0h devices allow attackers to access the hardcoded fa account because there are only 65536 possible passwords. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak password requirements in Tenda AC18 firmware version 15.03.05.19 allow remote attackers to conduct brute-force attacks against Samba authentication via the /etc_ro/smb.conf configuration file. The vulnerability requires high attack complexity and has been publicly disclosed, though exploitation difficulty remains elevated. CVSS 2.9 and EPSS 0.07% (20th percentile) indicate low real-world risk despite proof-of-concept availability.
Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable brute force attacks. An unauthenticated remote attacker can exploit this with no user interaction to gain full control over the affected system, including confidentiality, integrity, and availability compromise. The CVSS 9.8 severity and network-based attack vector indicate this poses significant risk to any organization running the vulnerable version without additional protective controls.
User enumeration vulnerability affecting web management interfaces where usernames are limited to device identifiers (10-digit numerical values). An unauthenticated remote attacker can enumerate valid user accounts by systematically testing digit sequences, potentially gaining information disclosure and limited system manipulation capabilities. The CVSS 8.6 rating reflects high confidentiality impact, though patch status and active exploitation details require vendor-specific assessment.
Schule is open-source school management system software. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Users who were required to change their password could still access system information before changing their password. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability, which was classified as problematic, has been found in SunGrow Logger1000 01_A. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. No vendor patch available.
Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in Znuny before 7.1.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.
A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
HCL MyXalytics is affected by an improper password policy implementation vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password leakage in the background may lead to unauthorized access, data theft, and network attacks, seriously. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password, possibly allowing attackers to connect to the device via a bruteforce attack. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for Administrator access, possibly allowing attackers to bypass authentication and escalate privileges on the. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The goTenna Pro App uses a weak password for sharing encryption keys via the key broadcast method. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required. No vendor patch available.
The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required. No vendor patch available.
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords that do not conform to defined security standards. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An Unverified Password Change could allow a malicious actor with API access to the device to change the system password without knowing the previous password. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.
The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak passwords. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in Smart Office up to 20240405. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Weak MySQL database root password in LaborOfficeFree affects version 19.10. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Weak MySQL database root password in LaborOfficeFree affects version 19.10. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic.php. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain installation scenarios) because of a non-unique initial system user password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
HCL Compass is vulnerable to insecure password requirements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
There are no requirements for setting a complex password for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline with recommended password guidelines. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cloudexplorer-lite is an open source cloud software stack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong.1.0 through 1.6.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Kiwi TCMS is an open source test management system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.