CWE-1391— Use of Weak Credentials
The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.— MITRE CWE catalog
52 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1391page 2 of 2
- CVE-2026-57473MEDIUMCVSS 5.8EG 5.82026-06-26
A vulnerability exists in the netclient and factory services of Reolink Home Hub (versions prior to v3.3.0.456_26031911) due to the possibility of brute-force cracking the credentials. This issue could allow attackers on the same local net…
- CVE-2026-8076CRITICALCVSS 9.3EG 9.32026-05-08
Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs for user authentication. The system supports the use of PIN-based credentials, maintaining compatibility wit…
Map vulnerabilities like CWE-1391 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1391 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →