Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-25987
MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the hash.
Monocms Monocms 1.0
383
VMScore
CVE-2020-25986
A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows malicious users to change the password of a user.
Monocms Monocms 1.0
605
VMScore
CVE-2015-4080
The Kankun Smart Socket device and mobile application uses a hardcoded AES 256 bit key, which makes it easier for remote malicious users to (1) obtain sensitive information by sniffing the network and (2) obtain access to the device by encrypting messages.
Kankun Smartsocket
641
VMScore
CVE-2019-15015
In the Zingbox Inspector, versions 1.294 and previous versions, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system.
Zingbox Inspector
NA
CVE-2013-25733
TP-Link IP cameras suffer from hard-coded credential and remote command execution vulnerabilities.
641
VMScore
CVE-2006-4082
Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges.
Barracuda Networks Barracuda Spam Firewall 3.3.03.053
NA
CVE-2011-3682
The Singtel 2Wire gateway router comes shipped with a hardcoded password that cannot be changed and suffers from a lack of cross site request forgery protection.
383
VMScore
CVE-2018-15752
An issue exists in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. Cleartext Transmission of Sensitive Information allows man-in-the-middle malicious users to eavesdrop authentication information between the application and the server.
Mensamax Mensamax 4.3
445
VMScore
CVE-2018-15753
An issue exists in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password.
Mensamax Mensamax 4.3
801
VMScore
CVE-2022-31208
An issue exists in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmd_string URL parameter.
Infiray Iray-a8z3 Firmware 1.0.957
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »