Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2013-1352
Verax NMS before 2.1.0 uses an encryption key that is hardcoded in a JAR archive.
Veraxsystems Network Management System
NA
CVE-2020-283292
Barco wePresent device firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Versions affected include 2.5.1.8, 2.5.0.25...
NA
CVE-2023-22957
An issue exists in libac_des3.so on AudioCodes VoIP desk phones up to and including 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., t...
Audiocodes C470hd Firmware
Audiocodes C455hd Firmware
Audiocodes C435hd Firmware
Audiocodes 445hd Firmware
Audiocodes 405hd Firmware
Audiocodes C450hd Firmware
668
VMScore
CVE-2014-9614
The Web Panel in Netsweeper prior to 4.0.5 has a default password of branding for the branding account, which makes it easier for remote malicious users to obtain access via a request to webadmin/.
Netsweeper Netsweeper
570
VMScore
CVE-2019-9974
diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote malicious users to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack.
Dasannetworks H660rm Firmware 1.03-0022
445
VMScore
CVE-2019-9975
DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key.
Dasannetworks H660rm Firmware 1.03-0022
890
VMScore
CVE-2014-6617
Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password for the root account, which allows remote malicious users to obtain administrative access via a TELNET session.
Industrial.softing Fg-100 Pb Profibus Firmware Fg-x00-pb V2.02.0.00
356
VMScore
CVE-2019-9976
The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users.
Dasannetworks H660rm Firmware 1.03-0022
890
VMScore
CVE-2016-4328
MEDHOST Perioperative Information Management System (aka PIMS or VPIMS) prior to 2015R1 has hardcoded credentials, which makes it easier for remote malicious users to obtain sensitive information via direct requests to the application database server.
Medhost Perioperative Information Management System -
1 Article
668
VMScore
CVE-2018-18006
Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names o...
Ricoh Myprint 2.2.7
Ricoh Myprint 2.9.2.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »