CVE-2025-27255

HIGH Year: 2025
CVSS v3 Score
8.0
High
Weakness Type
CWE-798
View all →

Vulnerability Description

Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrievable by an attacker analyzing the application code.

Related Vulnerabilities

CVE-2017-2283

HIGH
CVSS:8.0(High)

WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.

CWE-7982017

CVE-2018-15781

HIGH
CVSS:8.0(High)

The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded Cryptographic Key vulnerability. An unauthenticated remote attacker could reverse engineer the cryptographi...

CWE-7982018

CVE-2023-49224

HIGH
CVSS:8.0(High)

Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the authorized_keys file. A remote attacker could use this key to gain root privileges.

CWE-7982023

CVE-2024-48192

HIGH
CVSS:8.0(High)

Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root

CWE-7982024

CVE-2024-52788

HIGH
CVSS:8.0(High)

Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.

CWE-7982024

CVE-2024-52789

HIGH
CVSS:8.0(High)

Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.

CWE-7982024