Copyright 2024 by Qualys, Inc. All Rights Reserved. 1
Qualys Vulnerability Management – Scanning for
Default Credentials & Commonly Used Passwords
The Qualys Vulnerability KnowledgeBase provides many QIDs that can be scanned to determine
if your devices are vulnerable because default credentials are in use on your devices. To
determine if default credentials are in use, we perform a simple dictionary check of slightly
increasing complexity. This document lists QIDs that perform default credential checks with the
usernames and passwords tested as part of the detection logic.
Important - The Qualys vulnerability signatures team is constantly releasing new QID
detections. This document will not include a comprehensive list of QIDs and will not be updated
at the same rate that new QIDs are released.
QID 10082 – Default Account in Piranha Web Interface
Service/Protocol
Username
Password
HTTP service
piranha
Q
HTTP service
piranha
piranha
QID 43021 – Cisco Router/Switch Default Password Vulnerability
Service/Protocol
Username
Password
HTTP service
cisco
cisco
QID 10347 – PHP Nuke Default Administration Password Vulnerability
Service/Protocol
Username
Password
HTTP service
God
Password
QID 10624 – PhotoDB 1.4 Administrator Access Vulnerability
Service/Protocol
Username
Password
HTTP service
hop
hop
QID 11371 – MiniHTTPServer WebForums Server Null Default Password Vulnerability
Service/Protocol
Username
Password
HTTP service
admin
"" (blank)
QID 43061 – 3Com Wireless Access Point Default Password Vulnerability
Service/Protocol
Username
Password
HTTP service
admin
"" (blank)
HTTP service
admin
password
QID 86673 – WebSphere Application Server Administrative Console Login Vulnerability
Service/Protocol
Username
Password
Scanning for Default Credentials & Commonly Used Passwords 2
HTTP service
random username
random password
QID 43090 – Default Account Enabled for Web Management Interface
Service/Protocol
Username
Password
HTTP service
admin
"" (blank)
HTTP service
admin
admin
QID 86719 – Apache Tomcat Default Account Enabled
Service/Protocol
Username
Password
HTTP service
tomcat
tomcat
QID 43108 – Netgear WGT624 Default Username-Password Found
Service/Protocol
Username
Password
HTTP service
admin
password
QID 86857 – Apache Tomcat Web Application Manager Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
HTTP service
tomcat
tomcat
HTTP service
admin
"" (blank)
HTTP service
ovwebusr
OvW*busr1
HTTP service
j2deployer
j2deployer
HTTP service
cxsdk
kdsxc
HTTP service
administrator
"" (blank)
HTTP service
admin
j5Brn9
HTTP service
ADMIN
ADMIN
HTTP service
root
root
HTTP service
admin
tomcat
HTTP service
root
changethis
HTTP service
xampp
xampp
HTTP service
tomcat
changethis
HTTP service
admin
changethis
HTTP service
role1
role1
HTTP service
role
changethis
HTTP service
QCC
QLogic66
HTTP service
tomcat
admin
HTTP service
admin
password
HTTP service
admin
Password1
HTTP service
admin
password1
HTTP service
both
tomcat
HTTP service
manager
manager
HTTP service
role1
tomcat
HTTP service
root
Password1
HTTP service
root
changethis
HTTP service
root
password
HTTP service
root
password1
HTTP service
root
r00t
Scanning for Default Credentials & Commonly Used Passwords 3
HTTP service
root
toor
HTTP service
tomcat
s3cret
HTTP service
tomcat
password1
HTTP service
tomcat
password
HTTP service
tomcat
"" (blank)
QID 12499 – Apache Axis2 Default Administrative Access
Service/Protocol
Username
Password
HTTP service
admin
axis2
QID 43189 – Dell Remote Access Controller Default Password for "root" Account Detected
Service/Protocol
Username
Password
HTTP service
root
calvin
QID 43198 – TP-LINK Wireless Router Default Username-Password Found
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 12541 – Geronimo Console Default Credentials Access
Service/Protocol
Username
Password
HTTP service
system
manager
QID 43220 – Schneider Modicon Quantum Web Server Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
USER
USER
QID 43223 – Rockwell Automation / Allen-Bradley MicroLogix PLC Web Server Accessible
Using Default Credentials
Service/Protocol
Username
Password
HTTP service
administrator
ml1400
HTTP service
administrator
ml1100
HTTP service
guest
guest
QID 12558 – Adobe Document Server Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
adobe
QID 12560 – Google Urchin Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
urchin
QID 12562 – Oracle WebLogic Accessible Using Default Credentials
Service/Protocol
Username
Password
Scanning for Default Credentials & Commonly Used Passwords 4
HTTP service
weblogic
weblogic
HTTP service
admin
ofbiz
HTTP service
admin
adminadmin
QID 12587 – Apache Sling Admin Page Accessible via Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 12590 – Scrutinizer Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 43246 – Nokia Firewall Web interface Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
password
QID 12599 – Trend Micro InterScan Web Security Suite Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
imsva
QID 87106 – Oracle GlassFish Server Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
"" (blank)
QID 12702 – Solus Virtual Manager Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
vpsadmin
vpsadmin
QID 12705 – Oracle Enterprise Manager Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
SYSTEM
MANAGER
QID 12706 – IBM Integrated Management Module (IMM) Interface Accessible via Default
Credentials
Service/Protocol
Username
Password
HTTP service
USERID
PASSW0RD
QID 42417 – F5 BIG-IP Management Interface Accessible Via Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
Scanning for Default Credentials & Commonly Used Passwords 5
QID 12907 – McAfee Asset Manager Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
Password@5
QID 12928 – Unitrends Enterprise Backup Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
root
unitrends1
QID 12929 – Citrix Netscaler Web Management Interface Accessible Using Default
Credentials
Service/Protocol
Username
Password
HTTP service
nsroot
nsroot
QID 13053 – Silver Peak VX Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 11507 – VMware ESXi Server Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
root
"" (blank)
QID 11633 – Open Source Point of Sale (OSPOS) Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
pointofsale
QID 11804 – Apache ActiveMQ Admin Console Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 11821 – pfSense Admin Console Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
pfsense
QID 42039 – vSphere Managed Object Browser Accessible with Default credential
Service/Protocol
Username
Password
HTTP service
root
NULL
QID 11847 – Juniper EX Series Switch J-Web Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
root
NULL
Scanning for Default Credentials & Commonly Used Passwords 6
QID 11867 – Recipe Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
recipe
recipe
QID 11931 – IrisID iCAM7000 Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
iCAM7000
iris7000
QID 11935 – EMC VMAX Virtual Appliance (vApp) Using Default Credentials
Service/Protocol
Username
Password
HTTP service
smc
smc
QID 11950 – Supermicro IPMI Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
ADMIN
ADMIN
QID 38719 – RabbitMQ Accessible with Default Credentials
Service/Protocol
Username
Password
HTTP service
guest
guest
QID 13178 – MegaRAC Management Controller Accessible with Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 42045 – CAREL pCOWeb Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
Fadmin
FTP
httpadmin
fhttpadmin
QID 13200 – IBM RackSwitch G8264 Accessible with Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 13218 – Adobe Experience Manager Accessible With Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
HTTP service
author
author
HTTP service
anonymous
anonymous
HTTP service
replication-receiver
replication-receiver
HTTP service
jdoe
jdoe
HTTP service
aparker
aparker
Scanning for Default Credentials & Commonly Used Passwords 7
QID 13253 – Zinwave 3000 DAS Admin Console Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
advanced
supervisor
QID 13296 – Palo Alto Network Firewall Web Management Interface Accessible Using
Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 13301 – Siemens IE/AS-INTERFACE LINK PN IO Web Interface Accessible With Default
Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 13327 – Netscaler Management and Analytics System Web Interface Accessible With
Default Credentials
Service/Protocol
Username
Password
HTTP service
nsroot
password
QID 13373 – Ansible Runner Service Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 13374 – Ansible AWX Accessible With Default Credentials
Service/Protocol
Username
Password
HTTP service
awx
awxpass
HTTP service
admin
awxpass
QID 38767 – Pivotal RabbitMQ Default Service Credentials Detected
Service/Protocol
Username
Password
HTTP service
guest
awxpass
HTTP service
guest
guest
QID 13530 – Intermec EasyLAN 10i2 Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
NULL
intermec
QID 13532 – Sonatype Nexus Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
admin
admin123
HTTP service
deployment
deployment123
Scanning for Default Credentials & Commonly Used Passwords 8
QID 48041 – Lantronix UDS1100 Device Server Accessible with Default Credentials
Service/Protocol
Username
Password
HTTP service
"" (blank)
"" (blank)
QID 13550 – Schneider APC Accessible with Default Credentials
Service/Protocol
Username
Password
HTTP service
apc
apc
HTTP service
readonly
apc
HTTP service
device
apc
QID 13633 – IBM Aspera Node Daemon Accessible with Default Credentials
Service/Protocol
Username
Password
HTTP service
asp1
aspera
HTTP service
aspera
aspera
QID 13682 – IBM GCM16 Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
Admin
"" (blank)
QID 13994 – Avocent ACS (Advanced Console Servers) Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
avocent
HTTP service
root
linux
QID 43088 – Vertical Horizon Stack (Enterasys Switch) Default Password Vulnerability
Service/Protocol
Username
Password
HTTP service
admin
"" (blank)
QID 27181 – ZyXEL DSL Modem Default Remote Administration Password Vulnerability
Service/Protocol
Username
Password
FTP
"" (blank)
1234
QID 27202 – Yak! Chat Client FTP Server Default Credentials Vulnerability
Service/Protocol
Username
Password
FTP
Yak
asd123
QID 43018 – Avaya Cajun Firmware Undocumented Default Accounts Vulnerability
Service/Protocol
Username
Password
TELNET
diag
danger
TELNET
diag
xxyyzz
QID 43068 – Avaya Wireless Access Point Default Telnet Password Vulnerability
Service/Protocol
Username
Password
Scanning for Default Credentials & Commonly Used Passwords 9
TELNET
"" (blank)
public
QID 43088 – Vertical Horizon Stack Default Login
Service/Protocol
Username
Password
TELNET
admin
"" (blank)
QID 43189 – iDRAC Default Login
Service/Protocol
Username
Password
TELNET
root
calvin
QID 38151 – Nullsoft SHOUTCast Default Administrator Password Vulnerability
Service/Protocol
Username
Password
SHOUTCAST
"" (blank)
changeme
SHOUTCAST
"" (blank)
adminpass
QID 43222 – Schneider Modicon Quantum FTP Server Accessible Using Default Credentials
Service/Protocol
Username
Password
FTP
USER
USERUSER
QID 27358 – XAMPP FTP Server Accessible Using Default Credentials
Service/Protocol
Username
Password
FTP
newuser
wampp
FTP
nobody
lampp
QID 43431 – American Power Conversion (APC) Web/SNMP Management SmartSlot Card
Accessible via Default Credentials
Service/Protocol
Username
Password
TELNET
"" (blank)
TENmanUFactOryPOWER
QID 43029 – Seagate Central Accessible Via Default Credentials
Service/Protocol
Username
Password
FTP
root
"" (NULL)
QID 14002 – Firebird Remote Access Default Credential Vulnerability
Service/Protocol
Username
Password
FIREBIRD_DATABA
SE_SERVER
SYSDBA
masterkey
QID 20065 – pcAmerica Point of Sale (POS) Using Default Credentials
Service/Protocol
Username
Password
MSSQL
SA
pcAmer1ca
Scanning for Default Credentials & Commonly Used Passwords 10
QID 38702 – ZyXEL PK5001Z Default Credentials Detected
Service/Protocol
Username
Password
TELNET
admin
zyad5001
TELNET
admin
CenturyL1nk
QID 20073 – Redis Server Accessible Using Default Credentials
Service/Protocol
Username
Password
REDIS
"" (blank)
foobared
QID 20081 – Apache Cassandra Accessible With Default Credentials
Service/Protocol
Username
Password
CASSANDRA
cassandra
cassandra
QID 13241 – Printronix PrintNet Accessible With Default Credentials
Service/Protocol
Username
Password
FTP
root
"" (blank)
QID 13274 – Fabric OS Device Accessible With Default Credentials
Service/Protocol
Username
Password
TELNET
root
fibranne
TELNET
admin
password
TELNET
user
password
TELNET
factory
password
QID 19957 - Junos Space MYSQL Default Credentials
Service/Protocol
Username
Password
MySQL service
scrutinizer
admin
MySQL service
scrutremote
admin
MySQL service
jboss
netscreen
QID 374803 - Zyxel Firewalls And AP Controller Hardcoded Credential Vulnerability
Service/Protocol
Username
Password
SSH
zyfwp
PrOw!aN_fXp
Scanning for Default Credentials & Commonly Used Passwords 11
Scanning with Password Brute Forcing Enabled
Qualys provides a scan option that allows users to perform password brute forcing attempts at
scan time. Users can enable password brute forcing and select a brute force level (Minimal,
Limited, Standard, Exhaustive) which determines the complexity of the brute forcing efforts
attempted by the scanner. By default, password brute forcing is not enabled in the option profile.
To enable password brute forcing, go to VM/VMDR > Scans > Option Profiles. Then go to the
Scans section to see the Password Brute Forcing option.
Below is a list of QIDs that perform credential checks based on the password brute forcing option
in the scan option profile. A brute force level of “Standard” or “Exhaustive” means that you must
enable password brute forcing at the level indicated in order to perform the credential check.
QID 19065 – MySQL Password List Vulnerability (BRUTEFORCED)
Brute Force Level
Service
Username
Password
Standard
MySQL service
root
"" (blank)
Standard
MySQL service
mysql
"" (blank)
Standard
MySQL service
admin
"" (blank)
Standard
MySQL service
test
"" (blank)
Standard
MySQL service
dummy
"" (blank)
Standard
MySQL service
anonymous
"" (blank)
Standard
MySQL service
monty
guess
Standard
MySQL service
monty
some_pass
Standard
MySQL service
admin
mysql
Standard
MySQL service
root
mysql
Standard
MySQL service
custom
stupid
Standard
MySQL service
superdba
admin
Standard
MySQL service
scrutinizer
admin
Standard
MySQL service
scrutremote
admin
Standard
MySQL service
jboss
netscreen
Standard
MySQL service
sa
pcAmer1ca
Exhaustive
MySQL service
root
"" (blank)
Exhaustive
MySQL service
mysql
"" (blank)
Exhaustive
MySQL service
admin
"" (blank)
Exhaustive
MySQL service
testdd
"" (blank)
Scanning for Default Credentials & Commonly Used Passwords 12
Exhaustive
MySQL service
dummy
"" (blank)
Exhaustive
MySQL service
anonymous
"" (blank)
Exhaustive
MySQL service
admin
mysql
Exhaustive
MySQL service
root
mysql
Exhaustive
MySQL service
monty
guess
Exhaustive
MySQL service
monty
some_pass
Exhaustive
MySQL service
custom
stupid
Exhaustive
MySQL service
superdba
admin
Exhaustive
MySQL service
test
test
Exhaustive
MySQL service
root
root
Exhaustive
MySQL service
root
abc12345
Exhaustive
MySQL service
root
1234567
Exhaustive
MySQL service
root
12345678
Exhaustive
MySQL service
root
123456789
Exhaustive
MySQL service
root
nopass
Exhaustive
MySQL service
root
pass
Exhaustive
MySQL service
root
password
Exhaustive
MySQL service
root
sql
Exhaustive
MySQL service
root
database
Exhaustive
MySQL service
root
secret
Exhaustive
MySQL service
root
oracle
Exhaustive
MySQL service
root
sybase
Exhaustive
MySQL service
root
test
Exhaustive
MySQL service
root
server
Exhaustive
MySQL service
root
computer
Exhaustive
MySQL service
root
Internet
Exhaustive
MySQL service
root
super
Exhaustive
MySQL service
root
alpha
Exhaustive
MySQL service
root
user
Exhaustive
MySQL service
root
manager
Exhaustive
MySQL service
root
security
Exhaustive
MySQL service
root
debug
Exhaustive
MySQL service
root
telnet
Exhaustive
MySQL service
root
123qwe
Exhaustive
MySQL service
root
public
Exhaustive
MySQL service
root
abcd
Exhaustive
MySQL service
root
monitor
Exhaustive
MySQL service
root
default
Exhaustive
MySQL service
root
abc123
Exhaustive
MySQL service
root
123abc
Exhaustive
MySQL service
root
abc
Exhaustive
MySQL service
root
123asd
Exhaustive
MySQL service
root
tivoli
Exhaustive
MySQL service
root
asdf
Exhaustive
MySQL service
root
network
Exhaustive
MySQL service
root
real
Exhaustive
MySQL service
root
1234qwer
Exhaustive
MySQL service
root
private
Exhaustive
MySQL service
root
asdfgh
Exhaustive
MySQL service
root
135
Exhaustive
MySQL service
root
1357
Exhaustive
MySQL service
root
13579
Scanning for Default Credentials & Commonly Used Passwords 13
Exhaustive
MySQL service
root
246
Exhaustive
MySQL service
root
2468
Exhaustive
MySQL service
root
24680
Exhaustive
MySQL service
root
124
Exhaustive
MySQL service
root
125
Exhaustive
MySQL service
root
128
Exhaustive
MySQL service
root
147
Exhaustive
MySQL service
root
258
Exhaustive
MySQL service
root
369
Exhaustive
MySQL service
root
456
Exhaustive
MySQL service
root
789
Exhaustive
MySQL service
root
159
Exhaustive
MySQL service
root
357
Exhaustive
MySQL service
root
12369
Exhaustive
MySQL service
root
14789
Exhaustive
MySQL service
root
32147
Exhaustive
MySQL service
root
74123
Exhaustive
MySQL service
root
78963
Exhaustive
MySQL service
root
2486
Exhaustive
MySQL service
root
7852
Exhaustive
MySQL service
root
9852
Exhaustive
MySQL service
root
842
Exhaustive
MySQL service
root
862
Exhaustive
MySQL service
root
426
Exhaustive
MySQL service
root
486
Exhaustive
MySQL service
root
156
Exhaustive
MySQL service
root
354
Exhaustive
MySQL service
root
756
Exhaustive
MySQL service
root
954
Exhaustive
MySQL service
root
654321
Exhaustive
MySQL service
root
54321
Exhaustive
MySQL service
root
111
Exhaustive
MySQL service
root
1111
Exhaustive
MySQL service
root
11111
Exhaustive
MySQL service
root
111111
Exhaustive
MySQL service
root
1111111
Exhaustive
MySQL service
root
11111111
Exhaustive
MySQL service
root
222
Exhaustive
MySQL service
root
2222
Exhaustive
MySQL service
root
22222
Exhaustive
MySQL service
root
222222
Exhaustive
MySQL service
root
2222222
Exhaustive
MySQL service
root
22222222
Exhaustive
MySQL service
root
333
Exhaustive
MySQL service
root
3333
Exhaustive
MySQL service
root
33333
Exhaustive
MySQL service
root
333333
Exhaustive
MySQL service
root
3333333
Exhaustive
MySQL service
root
33333333
Exhaustive
MySQL service
root
444
Exhaustive
MySQL service
root
4444
Exhaustive
MySQL service
root
44444
Scanning for Default Credentials & Commonly Used Passwords 14
Exhaustive
MySQL service
root
444444
Exhaustive
MySQL service
root
4444444
Exhaustive
MySQL service
root
44444444
Exhaustive
MySQL service
root
555
Exhaustive
MySQL service
root
5555
Exhaustive
MySQL service
root
55555
Exhaustive
MySQL service
root
555555
Exhaustive
MySQL service
root
5555555
Exhaustive
MySQL service
root
55555555
Exhaustive
MySQL service
root
666
Exhaustive
MySQL service
root
6666
Exhaustive
MySQL service
root
66666
Exhaustive
MySQL service
root
666666
Exhaustive
MySQL service
root
6666666
Exhaustive
MySQL service
root
66666666
Exhaustive
MySQL service
root
777
Exhaustive
MySQL service
root
7777
Exhaustive
MySQL service
root
77777
Exhaustive
MySQL service
root
777777
Exhaustive
MySQL service
root
7777777
Exhaustive
MySQL service
root
77777777
Exhaustive
MySQL service
root
888
Exhaustive
MySQL service
root
8888
Exhaustive
MySQL service
root
88888
Exhaustive
MySQL service
root
888888
Exhaustive
MySQL service
root
8888888
Exhaustive
MySQL service
root
88888888
Exhaustive
MySQL service
root
999
Exhaustive
MySQL service
root
9999
Exhaustive
MySQL service
root
99999
Exhaustive
MySQL service
root
999999
Exhaustive
MySQL service
root
9999999
Exhaustive
MySQL service
root
99999999
Exhaustive
MySQL service
root
000
Exhaustive
MySQL service
root
0000
Exhaustive
MySQL service
root
00000
Exhaustive
MySQL service
root
000000
Exhaustive
MySQL service
root
0000000
Exhaustive
MySQL service
root
00000000
Exhaustive
MySQL service
root
master
Exhaustive
MySQL service
root
ruler
Exhaustive
MySQL service
root
aaa
Exhaustive
MySQL service
root
111
Exhaustive
MySQL service
root
1111
Exhaustive
MySQL service
root
aaa
Exhaustive
MySQL service
root
aaaaaa
Exhaustive
MySQL service
root
abc
Exhaustive
MySQL service
root
abc123
Exhaustive
MySQL service
root
abcd
Exhaustive
MySQL service
root
abcd1234
Exhaustive
MySQL service
root
abcde
Exhaustive
MySQL service
root
abcdef
Scanning for Default Credentials & Commonly Used Passwords 15
Exhaustive
MySQL service
root
abcdefg
Exhaustive
MySQL service
root
access
Exhaustive
MySQL service
root
asdf
Exhaustive
MySQL service
root
asdfg
Exhaustive
MySQL service
root
asdfgh
Exhaustive
MySQL service
root
asdfghjk
Exhaustive
MySQL service
root
asdfjkl
Exhaustive
MySQL service
root
masters
Exhaustive
MySQL service
root
money
Exhaustive
MySQL service
root
new
Exhaustive
MySQL service
root
newpass
Exhaustive
MySQL service
root
nick
Exhaustive
MySQL service
root
one
Exhaustive
MySQL service
root
qwaszx
Exhaustive
MySQL service
root
qwert
Exhaustive
MySQL service
root
qwerty
Exhaustive
MySQL service
root
random
Exhaustive
MySQL service
root
shadow
Exhaustive
MySQL service
root
shit
Exhaustive
MySQL service
root
win95
Exhaustive
MySQL service
root
win98
Exhaustive
MySQL service
root
win2000
Exhaustive
MySQL service
root
win2k
Exhaustive
MySQL service
root
windows
Exhaustive
MySQL service
root
xxx
Exhaustive
MySQL service
root
xxxx
Exhaustive
MySQL service
root
zxcvb
Exhaustive
MySQL service
root
zxcvbnm
Exhaustive
MySQL service
root
hfghfh
Exhaustive
MySQL service
root
abcde
Exhaustive
MySQL service
root
abcdef
Exhaustive
MySQL service
root
crew
Exhaustive
MySQL service
root
aaaa
Exhaustive
MySQL service
root
bbbb
Exhaustive
MySQL service
root
HELLO
Exhaustive
MySQL service
root
zzzz
Exhaustive
MySQL service
root
backdoor
Exhaustive
MySQL service
root
sys
Exhaustive
MySQL service
root
bin
Exhaustive
MySQL service
root
adm
Exhaustive
MySQL service
root
install
Exhaustive
MySQL service
root
user
Exhaustive
MySQL service
root
anon
Exhaustive
MySQL service
root
demo
Exhaustive
MySQL service
root
anonymous
Exhaustive
MySQL service
root
username
Exhaustive
MySQL service
root
pass
Exhaustive
MySQL service
root
password
Exhaustive
MySQL service
root
system
Exhaustive
MySQL service
root
visitor
Exhaustive
MySQL service
root
setup
Exhaustive
MySQL service
root
pub
Scanning for Default Credentials & Commonly Used Passwords 16
Exhaustive
MySQL service
root
public
Exhaustive
MySQL service
root
guest
Exhaustive
MySQL service
root
admin
Exhaustive
MySQL service
root
login
Exhaustive
MySQL service
root
www
Exhaustive
MySQL service
root
web
Exhaustive
MySQL service
root
test
Exhaustive
MySQL service
root
temp
Exhaustive
MySQL service
root
nobody
Exhaustive
MySQL service
root
beta
Exhaustive
MySQL service
root
mail
Exhaustive
MySQL service
root
backup
Exhaustive
MySQL service
root
remote
Exhaustive
MySQL service
root
free
Exhaustive
MySQL service
root
test1
Exhaustive
MySQL service
root
test2
Exhaustive
MySQL service
root
private
Exhaustive
MySQL service
root
hello
Exhaustive
MySQL service
root
coffee
Exhaustive
MySQL service
root
qwertyui
Exhaustive
MySQL service
root
iuytrewq
Exhaustive
MySQL service
root
secure
Exhaustive
MySQL service
root
12345678
Exhaustive
MySQL service
root
87654321
Exhaustive
MySQL service
root
asdfghjk
Exhaustive
MySQL service
root
kjhgfdsa
Exhaustive
MySQL service
root
zxcvbnm
Exhaustive
MySQL service
root
mnbvcxz
Exhaustive
MySQL service
root
poiuytre
Exhaustive
MySQL service
root
ertyuiop
Exhaustive
MySQL service
root
lkjhgfds
Exhaustive
MySQL service
root
sdfghjkl
Exhaustive
MySQL service
root
11111111
Exhaustive
MySQL service
root
22222222
Exhaustive
MySQL service
root
33333333
Exhaustive
MySQL service
root
44444444
Exhaustive
MySQL service
root
55555555
Exhaustive
MySQL service
root
66666666
Exhaustive
MySQL service
root
77777777
Exhaustive
MySQL service
root
88888888
Exhaustive
MySQL service
root
99999999
Exhaustive
MySQL service
root
00000000
Exhaustive
MySQL service
root
2001
Exhaustive
MySQL service
root
2010
Exhaustive
MySQL service
test
test
QID 19586 - Sybase User Account Bruteforced
Brute Force Level
Service
Username
Password
Standard
Sybase service
entldbreader
rdrpswd
Standard
Sybase service
mon_user
mon_user
Standard
Sybase service
pkiuser
pkipasswd
Scanning for Default Credentials & Commonly Used Passwords 17
Standard
Sybase service
pso
123qwe
Standard
Sybase service
probe
probe
Standard
Sybase service
jstask
jstask
Standard
Sybase service
sybmail
Sybmail
Standard
Sybase service
sa
"" (blank)
Standard
Sybase service
dba
SQL
Standard
Sybase service
entldbdbo
dbopswd
Standard
Sybase service
jagadmin
jagadmin
Standard
Sybase service
jagadmin
"" (blank)
Standard
Sybase service
PIAdmin
PIAdmin
Standard
Sybase service
PIAdmin
piadmin
Standard
Sybase service
PortalAdmin
PortalAdmin
QID 38688 - VNC Server Weak/Common Password Vulnerability
Brute Force Level
Service
Username
Password
Standard
VNC service
"" (blank)
Password
Standard
VNC service
"" (blank)
abc123
QID 20079 - MongoDB User Account Bruteforced
Brute Force Level
Service
Username
Password
Exhaustive
MongoDB service
myUserAdmin
abc123
Exhaustive
MongoDB service
myTester
xyz123
Exhaustive
MongoDB service
admin
admin
Exhaustive
MongoDB service
root
pass
Exhaustive
MongoDB service
user
pass
Exhaustive
MongoDB service
dev1
pass
Exhaustive
MongoDB service
testdb
pass
Exhaustive
MongoDB service
admin
adminpassword
Exhaustive
MongoDB service
admin
password
Exhaustive
MongoDB service
admin
mongo
QID 38052 and QID 38259
QID 38052 - Telnet Bruteforce Username/Password Successful
QID 38259 - SSH User Login Bruteforced
Note: The passwords attempted for these QIDs are dynamically generated by the scanner.
Brute Force Level
Service
Username
Exhaustive
SSH/TELNET
!root
Exhaustive
SSH/TELNET
root
Exhaustive
SSH/TELNET
access
Exhaustive
SSH/TELNET
adm
Exhaustive
SSH/TELNET
admin
Exhaustive
SSH/TELNET
administrator
Exhaustive
SSH/TELNET
anon
Exhaustive
SSH/TELNET
anonymous
Exhaustive
SSH/TELNET
audit
Exhaustive
SSH/TELNET
auditor
Exhaustive
SSH/TELNET
backup
Exhaustive
SSH/TELNET
batch
Scanning for Default Credentials & Commonly Used Passwords 18
Exhaustive
SSH/TELNET
bbs
Exhaustive
SSH/TELNET
bd3rst62
Exhaustive
SSH/TELNET
bin
Exhaustive
SSH/TELNET
browse
Exhaustive
SSH/TELNET
checkfs
Exhaustive
SSH/TELNET
checkfsys
Exhaustive
SSH/TELNET
checksys
Exhaustive
SSH/TELNET
cisco
Exhaustive
SSH/TELNET
client
Exhaustive
SSH/TELNET
csadmin
Exhaustive
SSH/TELNET
cust
Exhaustive
SSH/TELNET
customer
Exhaustive
SSH/TELNET
cvs
Exhaustive
SSH/TELNET
cz7ngr81
Exhaustive
SSH/TELNET
daemon
Exhaustive
SSH/TELNET
database
Exhaustive
SSH/TELNET
datamove
Exhaustive
SSH/TELNET
db
Exhaustive
SSH/TELNET
dbadmin
Exhaustive
SSH/TELNET
dbs
Exhaustive
SSH/TELNET
debug
Exhaustive
SSH/TELNET
decmail
Exhaustive
SSH/TELNET
decnet
Exhaustive
SSH/TELNET
default
Exhaustive
SSH/TELNET
demo
Exhaustive
SSH/TELNET
demo1
Exhaustive
SSH/TELNET
demo2
Exhaustive
SSH/TELNET
demo3
Exhaustive
SSH/TELNET
demo4
Exhaustive
SSH/TELNET
demos
Exhaustive
SSH/TELNET
diag
Exhaustive
SSH/TELNET
dialup
Exhaustive
SSH/TELNET
event
Exhaustive
SSH/TELNET
fax
Exhaustive
SSH/TELNET
faxuser
Exhaustive
SSH/TELNET
field
Exhaustive
SSH/TELNET
finance
Exhaustive
SSH/TELNET
fo5syn79
Exhaustive
SSH/TELNET
ftp
Exhaustive
SSH/TELNET
ftpuser
Exhaustive
SSH/TELNET
games
Exhaustive
SSH/TELNET
gateway
Exhaustive
SSH/TELNET
gdm
Exhaustive
SSH/TELNET
glftpd
Exhaustive
SSH/TELNET
gopher
Exhaustive
SSH/TELNET
gropher
Exhaustive
SSH/TELNET
guest
Exhaustive
SSH/TELNET
guest1
Exhaustive
SSH/TELNET
guest2
Exhaustive
SSH/TELNET
guest3
Exhaustive
SSH/TELNET
gw8ack13
Exhaustive
SSH/TELNET
halt
Scanning for Default Credentials & Commonly Used Passwords 19
Exhaustive
SSH/TELNET
hello
Exhaustive
SSH/TELNET
help
Exhaustive
SSH/TELNET
helpdesk
Exhaustive
SSH/TELNET
host
Exhaustive
SSH/TELNET
hp
Exhaustive
SSH/TELNET
hplaser
Exhaustive
SSH/TELNET
ibm
Exhaustive
SSH/TELNET
identd
Exhaustive
SSH/TELNET
informix
Exhaustive
SSH/TELNET
in
Exhaustive
SSH/TELNET
info
Exhaustive
SSH/TELNET
ingoing
Exhaustive
SSH/TELNET
ingress
Exhaustive
SSH/TELNET
init
Exhaustive
SSH/TELNET
install
Exhaustive
SSH/TELNET
irc
Exhaustive
SSH/TELNET
irc1
Exhaustive
SSH/TELNET
ik2ytr72
Exhaustive
SSH/TELNET
kdm
Exhaustive
SSH/TELNET
laser
Exhaustive
SSH/TELNET
laserjet
Exhaustive
SSH/TELNET
laserwriter
Exhaustive
SSH/TELNET
link
Exhaustive
SSH/TELNET
locate
Exhaustive
SSH/TELNET
login
Exhaustive
SSH/TELNET
lp
Exhaustive
SSH/TELNET
lpd
Exhaustive
SSH/TELNET
lpadm
Exhaustive
SSH/TELNET
lpadmin
Exhaustive
SSH/TELNET
lynx
Exhaustive
SSH/TELNET
mail
Exhaustive
SSH/TELNET
mailer
Exhaustive
SSH/TELNET
maint
Exhaustive
SSH/TELNET
maintain
Exhaustive
SSH/TELNET
maintainer
Exhaustive
SSH/TELNET
man
Exhaustive
SSH/TELNET
manager
Exhaustive
SSH/TELNET
md7psh63
Exhaustive
SSH/TELNET
me
Exhaustive
SSH/TELNET
mgr
Exhaustive
SSH/TELNET
micro
Exhaustive
SSH/TELNET
modem
Exhaustive
SSH/TELNET
mountfs
Exhaustive
SSH/TELNET
mountfsys
Exhaustive
SSH/TELNET
mountsys
Exhaustive
SSH/TELNET
mon
Exhaustive
SSH/TELNET
monitor
Exhaustive
SSH/TELNET
mp3
Exhaustive
SSH/TELNET
msql
Exhaustive
SSH/TELNET
mysql
Exhaustive
SSH/TELNET
named
Exhaustive
SSH/TELNET
netcon
Scanning for Default Credentials & Commonly Used Passwords 20
Exhaustive
SSH/TELNET
netman
Exhaustive
SSH/TELNET
netmgr
Exhaustive
SSH/TELNET
netmanager
Exhaustive
SSH/TELNET
netpriv
Exhaustive
SSH/TELNET
netserver
Exhaustive
SSH/TELNET
netscreen
Exhaustive
SSH/TELNET
netop
Exhaustive
SSH/TELNET
network
Exhaustive
SSH/TELNET
news
Exhaustive
SSH/TELNET
new
Exhaustive
SSH/TELNET
newingres
Exhaustive
SSH/TELNET
noaccess
Exhaustive
SSH/TELNET
nobody
Exhaustive
SSH/TELNET
none
Exhaustive
SSH/TELNET
notes
Exhaustive
SSH/TELNET
nq5urg43
Exhaustive
SSH/TELNET
nuucp
Exhaustive
SSH/TELNET
null
Exhaustive
SSH/TELNET
nv3cxz77
Exhaustive
SSH/TELNET
op
Exhaustive
SSH/TELNET
op1
Exhaustive
SSH/TELNET
openwin
Exhaustive
SSH/TELNET
oper
Exhaustive
SSH/TELNET
operator
Exhaustive
SSH/TELNET
oracle
Exhaustive
SSH/TELNET
out
Exhaustive
SSH/TELNET
outgoing
Exhaustive
SSH/TELNET
pbx
Exhaustive
SSH/TELNET
piranha
Exhaustive
SSH/TELNET
postgres
Exhaustive
SSH/TELNET
postfix
Exhaustive
SSH/TELNET
postmaster
Exhaustive
SSH/TELNET
powerdown
Exhaustive
SSH/TELNET
private
Exhaustive
SSH/TELNET
priv
Exhaustive
SSH/TELNET
pub
Exhaustive
SSH/TELNET
public
Exhaustive
SSH/TELNET
psybnc
Exhaustive
SSH/TELNET
pvm
Exhaustive
SSH/TELNET
qmail
Exhaustive
SSH/TELNET
quser
Exhaustive
SSH/TELNET
r00t
Exhaustive
SSH/TELNET
rcs
Exhaustive
SSH/TELNET
read
Exhaustive
SSH/TELNET
readonly
Exhaustive
SSH/TELNET
readwrite
Exhaustive
SSH/TELNET
report
Exhaustive
SSH/TELNET
rem
Exhaustive
SSH/TELNET
remaccess
Exhaustive
SSH/TELNET
remote
Exhaustive
SSH/TELNET
rfindd
Exhaustive
SSH/TELNET
ro
Scanning for Default Credentials & Commonly Used Passwords 21
Exhaustive
SSH/TELNET
root
Exhaustive
SSH/TELNET
router
Exhaustive
SSH/TELNET
rw
Exhaustive
SSH/TELNET
rz0plm92
Exhaustive
SSH/TELNET
sam
Exhaustive
SSH/TELNET
sa
Exhaustive
SSH/TELNET
sap
Exhaustive
SSH/TELNET
security
Exhaustive
SSH/TELNET
service
Exhaustive
SSH/TELNET
setup
Exhaustive
SSH/TELNET
sgiweb
Exhaustive
SSH/TELNET
shutdown
Exhaustive
SSH/TELNET
signa
Exhaustive
SSH/TELNET
soft
Exhaustive
SSH/TELNET
software
Exhaustive
SSH/TELNET
sqldba
Exhaustive
SSH/TELNET
sqluser
Exhaustive
SSH/TELNET
student
Exhaustive
SSH/TELNET
supervisor
Exhaustive
SSH/TELNET
support
Exhaustive
SSH/TELNET
sync
Exhaustive
SSH/TELNET
sys
Exhaustive
SSH/TELNET
sysadm
Exhaustive
SSH/TELNET
sysadmin
Exhaustive
SSH/TELNET
sysbin
Exhaustive
SSH/TELNET
sysop
Exhaustive
SSH/TELNET
sysmaint
Exhaustive
SSH/TELNET
system
Exhaustive
SSH/TELNET
system_admin
Exhaustive
SSH/TELNET
systest
Exhaustive
SSH/TELNET
tape
Exhaustive
SSH/TELNET
teacher
Exhaustive
SSH/TELNET
tech
Exhaustive
SSH/TELNET
tele
Exhaustive
SSH/TELNET
teledemo
Exhaustive
SSH/TELNET
teletest
Exhaustive
SSH/TELNET
telnetd
Exhaustive
SSH/TELNET
temp
Exhaustive
SSH/TELNET
temp1
Exhaustive
SSH/TELNET
test
Exhaustive
SSH/TELNET
test1
Exhaustive
SSH/TELNET
test2
Exhaustive
SSH/TELNET
testacct
Exhaustive
SSH/TELNET
toor
Exhaustive
SSH/TELNET
toto
Exhaustive
SSH/TELNET
tour
Exhaustive
SSH/TELNET
tmp
Exhaustive
SSH/TELNET
tmp1
Exhaustive
SSH/TELNET
tmp2
Exhaustive
SSH/TELNET
trouble
Exhaustive
SSH/TELNET
tutor
Exhaustive
SSH/TELNET
tw3bpq56
Scanning for Default Credentials & Commonly Used Passwords 22
Exhaustive
SSH/TELNET
uetp
Exhaustive
SSH/TELNET
umountfs
Exhaustive
SSH/TELNET
umountfsys
Exhaustive
SSH/TELNET
umountsys
Exhaustive
SSH/TELNET
unix
Exhaustive
SSH/TELNET
update
Exhaustive
SSH/TELNET
upload
Exhaustive
SSH/TELNET
user
Exhaustive
SSH/TELNET
user1
Exhaustive
SSH/TELNET
user2
Exhaustive
SSH/TELNET
user3
Exhaustive
SSH/TELNET
user4
Exhaustive
SSH/TELNET
user5
Exhaustive
SSH/TELNET
user6
Exhaustive
SSH/TELNET
user7
Exhaustive
SSH/TELNET
user8
Exhaustive
SSH/TELNET
userp
Exhaustive
SSH/TELNET
usr
Exhaustive
SSH/TELNET
uucp
Exhaustive
SSH/TELNET
uucpadm
Exhaustive
SSH/TELNET
uz6xyz78
Exhaustive
SSH/TELNET
vax
Exhaustive
SSH/TELNET
vms
Exhaustive
SSH/TELNET
warez
Exhaustive
SSH/TELNET
web
Exhaustive
SSH/TELNET
webadmin
Exhaustive
SSH/TELNET
webmail
Exhaustive
SSH/TELNET
webmaster
Exhaustive
SSH/TELNET
wx6the78
Exhaustive
SSH/TELNET
work
Exhaustive
SSH/TELNET
workuser
Exhaustive
SSH/TELNET
wp
Exhaustive
SSH/TELNET
www
Exhaustive
SSH/TELNET
write
Exhaustive
SSH/TELNET
xdm
Exhaustive
SSH/TELNET
xfs
Exhaustive
SSH/TELNET
zeraw
QID 38916 – Common Base Linux Mariner (CBL-Mariner) Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
mariner_user
p@ssw0rd
QID 731038 – Anylogic Team License Server Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 38889 – Star POS Printer NIC Card Default Credentials Detected
Service/Protocol
Username
Password
Scanning for Default Credentials & Commonly Used Passwords 23
HTTP service
root
public
QID 48231 – Star POS Printer NIC Card Default Credentials Detected (DEPRECATED)
Service/Protocol
Username
Password
HTTP service
root
public
QID 730705 – Meinberg NTP Server accessible via Default Credentials
Service/Protocol
Username
Password
HTTP service
root
timesaver
QID 730612 – Cloudera Manager (CDH) Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 730604 – CA APM Introscope(R) Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
admin
Admin89
QID 730574– Digital Loggers LPC9 Accessible via Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
1234
QID 38853 – Bssaudio Soundweb London Default Credentials Detected bssaudio
Service/Protocol
Username
Password
HTTP service
bssaudio
monkey
QID 730162– Raritan Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
admin
raritan
QID 730153 – Openstage IP Phone Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
admin
123456
QID 730151 – Grafana Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
admin
Admin
HTTP service
admin
prom-operator
QID 730107 – Zebra Printer Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
1234
Scanning for Default Credentials & Commonly Used Passwords 24
QID 730067 – ExacqVision server with default credentials detected
Service/Protocol
Username
Password
HTTP service
admin
admin256
QID 13627 – Pavilion Data Systems Storage Array Accessible with default credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 14009 – Netbotz WallBotz 500 appliance Device Accessible With Default Credentials
Service/Protocol
Username
Password
HTTP service
netbotz
netbotz
QID 11848 – Ricoh Printer Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
supervisor
blank password
QID 10693 – Web Server / Web Application Accessible Via Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
Password
HTTP service
test
test
QID 12999 – Gurobi remote services API with default credentials detected
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 12750 – Zabbix Installation Using Default Administrative Credentials Detected
Service/Protocol
Username
Password
HTTP service
admin
zabbix
QID 12565 – Pandora FMS Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
root
pandora
QID 12563 – Apache OFBiz Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
ofbiz
QID 12559 – AmpJuke Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
pass
Scanning for Default Credentials & Commonly Used Passwords 25
QID 87098 – JBoss Administration Console Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 43225 – Schweitzer Engineering Laboratories (SEL) Controller Accessible Using Default
Credentials
Service/Protocol
Username
Password
HTTP service
Level 1
OTTER
Level 2
TAIL
QID 43221 – Schneider Modicon Quantum Telnet Server Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
USER
USERUSER
QID 12458– SonarQube Accessible via Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 12395– Adobe Experience Manager CRX Accessible via Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
admin
QID 11406– Splunk Accessible Using Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
changeme
QID 20424– Postgres DB Default credentials
Service/Protocol
Username
Password
PostgresDB
postgres
template1
QID 730912– Tripp Lite PowerAlert Device Manager Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
localadmin
localadmin
HTTP service
localmanager
localmanager
HTTP service
localguest
localguest
HTTP service
technician
TrippLite
QID 730903– DataHub Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
datahub
datahub
Scanning for Default Credentials & Commonly Used Passwords 26
QID 730574– Digital Loggers LPC9 Accessible via Default Credentials
Service/Protocol
Username
Password
HTTP service
admin
1234
QID 13723– PhpMyAdmin Accessible With Default Credentials
Service/Protocol
Username
Password
HTTP service
postgres
template1
QID 731701– Quantum Scalar Default Credentials Detected
Service/Protocol
Username
Password
HTTP service
admin
password
Last updated: August 26, 2024
