CVE-2026-3873 Legacy built-in user account

Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0...

CVE-2026-3873 Legacy built-in user account

Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0...

CVE-2022-35582

Penta Security Systems Inc WAPPLES 4.0., 5.0.0., 5.0.12. are vulnerable to Incorrect Access Control. The operating system that WAPPLES runs on has a built-in non-privileged user penta with a predefined password. The password for this user, as well as its existence, is not disclosed in the...

GHSA-4H47-H3CR-23WH Improper Authorization in Jenkins

A denial of service vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java that allows attackers without Overall/Read permission to access a specific URL on instances using the built-in Jenkins user database...

CVE-2017-12711

An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.220170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges...

Advantech WebAccess Elevation of Privilege Vulnerability

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. An elevation of privilege vulnerability exists in Advantec...

WS_FTP Server buffer overflow adn backdor

Buffer overflow in STAT and another commands. Built-in user accaount XXSESSMGRYY with password X1833 allows command execution on server...