← All findings
f-012 — Hard-coded admin / admin123 + MFA accepts 0000
critical · admin-panel · status open · first seen 2026-04-21
Framework mapping
| Framework | Controls / requirements |
|---|---|
| ISO/IEC 27001:2022 ISMS |
A.5.18 A.8.5 |
| NIST Cybersecurity Framework 2.0 Risk |
PR.AC-1 |
| PCI DSS v4.0 Cardholder data |
8.3.1 |
| SOC 2 Type II Trust services |
CC6.1 |
| OWASP Top 10 (2021) Web |
A07:2021 |