SYM_GEN_0133 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Hard-coded Credentials
| Property | Value |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
An Adafruit API key has been found hard-coded directly in the source code. Storing sensitive credentials in code makes them easy to accidentally share or leak, exposing your project to unauthorized access.
Impact
If an attacker obtains the exposed API key, they could gain access to your Adafruit account or services, potentially leading to data theft, unauthorized operations, or unexpected costs. This could compromise both your application and any connected resources.