Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29011
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability. This issue affects GMS: 9.3.4 and previous versions versions.
NA
CVE-2021-332192
An undocumented, administrative-level, hard-coded web application account exists in the IoT Controller OVA which cannot be changed by the customer.
9.8
CVSSv3
CVE-2016-2343
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote malicious users to obtain sensitive Dental.DB patient information via SQL statements.
Patterson Dental Eaglesoft 17.0
7.8
CVSSv3
CVE-2016-2363
Fonality (previously trixbox Pro) 12.6 up to and including 14.1i prior to 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command execution by leveraging access to the nobody account.
Fonality Fonality 12.6
Fonality Fonality 14.1i
Fonality Fonality 12.8
7.5
CVSSv3
CVE-2016-2364
The Chrome HUDweb plugin prior to 2016-05-05 for Fonality (previously trixbox Pro) 12.6 up to and including 14.1i uses the same hardcoded private key across different customers' installations, which allows remote malicious users to defeat cryptographic protection mechanisms ...
Fonality Hud Web
Fonality Fonality 12.8
Fonality Fonality 12.6
Fonality Fonality 14.1i
9.8
CVSSv3
CVE-2023-2611
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users.
Advantech R-seenet
9.8
CVSSv3
CVE-2016-2362
Fonality (previously trixbox Pro) 12.6 up to and including 14.1i prior to 2016-06-01 has a hardcoded password for the FTP account, which allows remote malicious users to obtain access via a (1) FTP or (2) SSH connection.
Fonality Fonality 12.6
Fonality Fonality 12.8
Fonality Fonality 14.1i
9.8
CVSSv3
CVE-2013-6236
IZON IP 2.0.2: hard-coded password vulnerability
Izoncam Izon Ip Firmware 2.0.2
1 EDB exploit
7.3
CVSSv3
CVE-2021-31477
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware an...
Ge Reason Rpv311 Firmware 14a03
8.8
CVSSv3
CVE-2021-27254
This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the u...
Netgear Br200 Firmware
Netgear Br500 Firmware
Netgear D7800 Firmware
Netgear Ex6100v2 Firmware
Netgear Ex6150v2 Firmware
Netgear Ex6250 Firmware
Netgear Ex6400 Firmware
Netgear Ex6400v2 Firmware
Netgear Ex6410 Firmware
Netgear Ex6420 Firmware
Netgear Ex7300 Firmware
Netgear Ex7300v2 Firmware
Netgear Ex7320 Firmware
Netgear Ex7700 Firmware
Netgear Ex8000 Firmware
Netgear Lbr20 Firmware
Netgear R7800 Firmware
Netgear R8900 Firmware
Netgear R9000 Firmware
Netgear Rbk12 Firmware
Netgear Rbk13 Firmware
Netgear Rbk14 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »