Default Credentials

Introduction

A Default Credential vulnerability is a type of vulnerability in a computing device that most commonly affects devices having some pre-set (default) administrative credentials to access all configuration settings.

How to find

Find out type of CMS / Software is used by the website you are testing, for example the website is using grafana
Find the admin login
Find the information about default credential using repositories below

Useful Repositories

@ihebski
@many-passwords

References

OWASP 04-Authentication Testing
HackerOne #398797

PreviousBusiness Logic Errors NextEmail Spoofing

Last updated 1 year ago