2.6 – Audit Code for Hardcoded Credentials
Requirement Description:
Verify that all code—including third-party binaries, libraries, and frameworks—has been reviewed for the presence of hardcoded credentials or backdoors.
DUT Confirmation Details:
(To be filled with OEM-provided confirmation related to implementation and review status)
DUT Software Details:
(To be filled with firmware name/version and relevant OS/kernel details)
Hash Checksum Verification for DUT’s Software Image:
(SHA-256/SHA-1 checksum of firmware image)
DUT Configuration:
(Device Mode, Role, Interfaces enabled, etc.)
Pre-Conditions:
The vendor shall provide the following:
Firmware binaries for code review
Internal code review reports (including SAST/DAST analysis if performed)
Test Plan:
Audit the firmware for hardcoded credentials using a combination of static code analysis, binary reverse engineering (if required), and string extraction tools.
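A minimal sketch of the string-extraction step in the test plan, added here as an illustration and not part of the original test template or any vendor tooling: it pulls printable strings from a firmware image, flags credential-like candidates for manual review, and returns the image SHA-256 for the checksum field. The rule set, the function names and SAMPLE_IMAGE are assumptions constructed for the example.

```python
import hashlib
import re

# Printable ASCII runs of 6+ bytes, the same idea as the `strings` utility.
STRING_RE = re.compile(rb"[\x20-\x7e]{6,}")

# Assumed, illustrative indicators; extend per DUT. Hits are candidates for
# manual review, not confirmed credentials.
RULES = {
    "crypt_hash": re.compile(r"\$[156]\$[./A-Za-z0-9]{1,16}\$[./A-Za-z0-9]{22,}"),
    "private_key": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "assigned_secret": re.compile(
        r"(?:passw(?:or)?d|secret|api_?key|token)\s*[=:]\s*['\"]?[^\s'\"]{4,}",
        re.IGNORECASE),
}

def extract_strings(blob):
    """Yield (offset, text) for each printable ASCII run in the image."""
    for m in STRING_RE.finditer(blob):
        yield m.start(), m.group().decode("ascii")

def audit_image(blob):
    """Return (sha256_hex, findings); findings are (offset, rule, text)."""
    findings = []
    for offset, text in extract_strings(blob):
        for rule, pattern in RULES.items():
            if pattern.search(text):
                findings.append((offset, rule, text))
    return hashlib.sha256(blob).hexdigest(), findings

# Constructed sample standing in for a firmware image (not real DUT data).
SAMPLE_IMAGE = (
    b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8
    + b"Booting kernel...\x00"
    + b"root:$1$Xy3kQ9ab$" + b"A" * 22 + b":0:0:root:/root:/bin/sh\x00"
    + b"\xff\xfe\x00mqtt_password=Sup3rS3cret!\x00"
    + b"-----BEGIN RSA PRIVATE KEY-----\x00"
    + b"\x00\x01\x02version=1.0.4\x00"
)

if __name__ == "__main__":
    digest, hits = audit_image(SAMPLE_IMAGE)
    print("SHA-256:", digest)
    for offset, rule, text in hits:
        print(f"0x{offset:06x}  {rule:<16} {text}")
```

Recording the byte offset with each hit lets the reviewer locate the string in a disassembler or hex view when binary reverse engineering is needed to confirm whether the value is actually used for authentication.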
Total Number of Test Cases:
4
Test-bed Diagram with Interfaces and IPs:
(Attach or reference test network diagram showing DUT, test host, interfaces, etc.)