Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-10578
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15, and AP300 devices with firmware prior to 2.0.0.10. Incorrect validation of the "old password" field in the change password form allows an malicious user to bypass validation o...
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
Watchguard Ap300 Firmware
NA
CVE-2009-3710
RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username (dbadmin) and password (sq!us3r) for an SSH tunnel, which allows remote malicious users to gain privileges via port 8022.
Riorey Rios 4.7.0
Riorey Rios 4.6.6
1 EDB exploit
9.8
CVSSv3
CVE-2019-9493
The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the malicious user to learn the location of...
Mycarcontrols Mycar Controls
NA
CVE-2006-4950
Cisco IOS 12.2 up to and including 12.4 prior to 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allow...
Cisco Ios 12.3\\(11\\)t4
Cisco Ios 12.3\\(11\\)t5
Cisco Ios 12.3\\(11\\)yf2
Cisco Ios 12.3\\(11\\)yf3
Cisco Ios 12.3\\(11\\)yr
Cisco Ios 12.3\\(11\\)ys
Cisco Ios 12.3\\(13a\\)
Cisco Ios 12.3\\(13a\\)bc
Cisco Ios 12.3\\(14\\)ym4
Cisco Ios 12.3\\(14\\)yq
Cisco Ios 12.3\\(15\\)
Cisco Ios 12.3\\(15b\\)
Cisco Ios 12.3\\(2\\)t3
Cisco Ios 12.3\\(2\\)t8
Cisco Ios 12.3\\(2\\)xe3
Cisco Ios 12.3\\(2\\)xe4
Cisco Ios 12.3\\(4\\)t1
Cisco Ios 12.3\\(4\\)t2
Cisco Ios 12.3\\(4\\)xd2
Cisco Ios 12.3\\(4\\)xe4
Cisco Ios 12.3\\(4\\)xk1
Cisco Ios 12.3\\(4\\)xk3
7.5
CVSSv3
CVE-2019-10920
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an u...
Siemens Logo\\!8 Bm Firmware
NA
CVE-2013-4866
The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate malicious users to trigger physical resource consumption (water or heat) or user discomfort.
Lixil My Satis Genius Toilet -
NA
CVE-2001-0839
ibillpm.pl in iBill password management system generates weak passwords based on a client's MASTER_ACCOUNT, which allows remote malicious users to modify account information in the .htpasswd file via brute force password guessing.
Ibill Internet Billing Company Processing Plus
1 EDB exploit
7.8
CVSSv3
CVE-2023-22360
Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and previous versions due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to informat...
Jtekt Screen Creator Advance 2 0.1.1.4
Jtekt Screen Creator Advance 2
9.8
CVSSv3
CVE-2015-8362
The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices prior to 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote malicious users to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-20...
Harman Amx Firmware 1.2.322
Harman Amx Firmware 1.3.100
8.8
CVSSv3
CVE-2018-10532
An issue exists on EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 devices. Hardcoded root SSH credentials were discovered to be stored within the "core_app" binary utilised by the EE router for networking services. An attacker with knowledge of the default password (oelinux123...
Ee 4gee Firmware Hh70 E1 02.00 19
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »