Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2013-1351
Verax NMS before 2.10 allows authentication via the encrypted password without knowing the cleartext password.
Veraxsystems Network Management System
9.8
CVSSv3
CVE-2020-28329
Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s): 2.5.1.8, 2.5.0.25,...
Barco Wepresent Wipg-1600w Firmware 2.4.1.19
Barco Wepresent Wipg-1600w Firmware 2.5.0.24
Barco Wepresent Wipg-1600w Firmware 2.5.0.25
Barco Wepresent Wipg-1600w Firmware 2.5.1.8
9.8
CVSSv3
CVE-2017-17106
Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated remote attacker using a standard web /cgi-bin/hi3510/param.cgi?cmd=getuser HTTP request. This vulnerability exists because of a lack of authentication checks in requests to CGI pages.
Zivif Pr115-204-p-rs Firmware 2.3.4.2103
NA
CVE-2023-39482
Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is requir...
9.8
CVSSv3
CVE-2020-28334
Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root password hash included in the firmware image. Exploiting CVE-2020-28329, CVE-2020-2...
Barco Wepresent Wipg-1600w Firmware 2.4.1.19
Barco Wepresent Wipg-1600w Firmware 2.5.0.24
Barco Wepresent Wipg-1600w Firmware 2.5.0.25
Barco Wepresent Wipg-1600w Firmware 2.5.1.8
9.8
CVSSv3
CVE-2017-17107
Zivif PR115-204-P-RS V2.3.4.2103 web cameras contain a hard-coded cat1029 password for the root user. The SONIX operating system's setup renders this password unchangeable and it can be used to access the device via a TELNET session.
Zivif Pr115-204-p-rs Firmware 2.3.4.2103
9.8
CVSSv3
CVE-2013-6236
IZON IP 2.0.2: hard-coded password vulnerability
Izoncam Izon Ip Firmware 2.0.2
1 EDB exploit
6.5
CVSSv3
CVE-2020-28330
Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admin password for the main web us...
Barco Wepresent Wipg-1600w Firmware 2.5.1.8
NA
CVE-2014-0329
The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote malicious users to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the pass...
Zte Zxv10 W300 2.1.0
1 EDB exploit
9.8
CVSSv3
CVE-2020-12110
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
Tp-link Nc200 Firmware 2.1.6
Tp-link Nc200 Firmware 2.1.9
Tp-link Nc210 Firmware 1.0.3
Tp-link Nc210 Firmware 1.0.4
Tp-link Nc210 Firmware 1.0.9
Tp-link Nc220 Firmware 1.2.0
Tp-link Nc220 Firmware 1.3.0
Tp-link Nc230 Firmware 1.0.3
Tp-link Nc230 Firmware 1.2.1
Tp-link Nc230 Firmware 1.3.0
Tp-link Nc250 Firmware 1.0.8
Tp-link Nc250 Firmware 1.0.10
Tp-link Nc250 Firmware 1.2.1
Tp-link Nc250 Firmware 1.3.0
Tp-link Nc260 Firmware 1.0.5
Tp-link Nc260 Firmware 1.0.6
Tp-link Nc260 Firmware 1.4.1
Tp-link Nc260 Firmware 1.5.0
Tp-link Nc260 Firmware 1.5.2
Tp-link Nc450 Firmware 1.0.15
Tp-link Nc450 Firmware 1.1.2
Tp-link Nc450 Firmware 1.3.4
1 Metasploit module
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »