Total
201 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-8625 | 2025-10-02 | N/A | 9.8 CRITICAL | ||
| The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via copyreap_handle_image() Function in versions 1.1 to 1.2. The plugin falls back to a hard-coded JWT signing key when no secret is defined and does not restrict which file types can be fetched and saved as attachments. As a result, unauthenticated attackers can forge a valid token to gain elevated privileges and upload an arbitrary file (e.g. a PHP script) through the image handler, leading to remote code execution. | |||||
| CVE-2025-24525 | 2025-10-02 | N/A | 7.5 HIGH | ||
| Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication if the end user does not replace the TLS certificate that shipped with the device. Remediation is available in Version 6.9.1, released on September 23, 2025. | |||||
| CVE-2025-43483 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 5.7 MEDIUM |
| A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the retrieval of hardcoded cryptographic keys. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-4876 | 1 Connectwise | 1 Risk Assessment | 2025-10-02 | N/A | 6.0 MEDIUM |
| ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained the key can be used to decrypt CSV input filesĀ used for authenticated network scanning. | |||||
| CVE-2025-60250 | 2025-09-26 | N/A | 4.7 MEDIUM | ||
| Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV. | |||||
| CVE-2025-58069 | 2025-09-24 | N/A | 5.3 MEDIUM | ||
| The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software contains a hard-coded AES key used to protect the initial messages of a new KOPS session. | |||||
| CVE-2025-44963 | 1 Commscope | 1 Ruckus Network Director | 2025-09-23 | N/A | 9.0 CRITICAL |
| RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key. | |||||
| CVE-2024-12078 | 1 Ecovacs | 28 Airbot Andy, Airbot Andy Firmware, Airbot Ava and 25 more | 2025-09-23 | N/A | 6.3 MEDIUM |
| ECOVACS robot lawn mowers and vacuums use a shared, static secret key to encrypt BLE GATT messages. An unauthenticated attacker within BLE range can control any robot using the same key. | |||||
| CVE-2025-30200 | 1 Ecovacs | 26 Deebot T10, Deebot T10 Firmware, Deebot T10 Omni and 23 more | 2025-09-23 | N/A | 6.3 MEDIUM |
| ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived. | |||||
| CVE-2025-30198 | 1 Ecovacs | 26 Deebot T10, Deebot T10 Firmware, Deebot T10 Omni and 23 more | 2025-09-23 | N/A | 6.3 MEDIUM |
| ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived. | |||||
| CVE-2025-54807 | 2025-09-19 | N/A | 9.8 CRITICAL | ||
| The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key can bypass authentication, gaining complete access to the system. | |||||
| CVE-2025-57174 | 2025-09-16 | N/A | 9.8 CRITICAL | ||
| An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all devices, allowing attackers to craft encrypted packets that execute arbitrary commands without authentication. This is a failed patch for CVE-2017-7318. This issue may affect other Etherhaul series devices with shared firmware. | |||||
| CVE-2025-10250 | 2025-09-11 | 4.3 MEDIUM | 5.0 MEDIUM | ||
| A weakness has been identified in DJI Mavic Spark, Mavic Air and Mavic Mini 01.00.0500. Affected is an unknown function of the component Telemetry Channel. Executing manipulation can lead to use of hard-coded cryptographic key . The attacker needs to be present on the local network. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-56577 | 1 Evope | 1 Evope Core | 2025-09-08 | N/A | 8.4 HIGH |
| An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the use of hard coded cryptographic keys. | |||||
| CVE-2025-10080 | 2025-09-08 | 2.1 LOW | 3.1 LOW | ||
| A vulnerability has been found in running-elephant Datart up to 1.0.0-rc3. Affected by this issue is the function getTokensecret of the file datart/security/src/main/java/datart/security/util/AESUtil.java of the component API. The manipulation leads to use of hard-coded cryptographic key . The attack is possible to be carried out remotely. The attack is considered to have high complexity. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-9604 | 2025-08-29 | 2.6 LOW | 3.7 LOW | ||
| A vulnerability was identified in coze-studio up to 0.2.4. The impacted element is an unknown function of the file backend/domain/plugin/encrypt/aes.go. The manipulation of the argument AuthSecretKey/StateSecretKey/OAuthTokenSecretKey leads to use of hard-coded cryptographic key . It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is regarded as difficult. To fix this issue, it is recommended to deploy a patch. The vendor replied to the GitHub issue (translated from simplified Chinese): "For scenarios requiring encryption, we will implement user-defined key management through configuration and optimize the use of encryption tools, such as random salt." | |||||
| CVE-2025-55619 | 1 Reolink | 1 Reolink | 2025-08-28 | N/A | 9.8 CRITICAL |
| Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering. | |||||
| CVE-2022-48625 | 1 Yealink | 1 Configuration Encryption Tool | 2025-08-26 | N/A | 7.5 HIGH |
| Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a risk of decryption by an adversary. | |||||
| CVE-2025-41702 | 2025-08-26 | N/A | 9.8 CRITICAL | ||
| The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key. | |||||
| CVE-2023-39482 | 1 Softing | 3 Edgeaggregator, Edgeconnector, Secure Integration Server | 2025-08-12 | N/A | 6.5 MEDIUM |
| Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within libopcuaclient.so. The issue results from hardcoding crytographic keys within the product. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20610. | |||||