Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2017-11693
MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and ...
Medhost Medhost Document Management System -
9.1
CVSSv3
CVE-2017-11694
MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with Apache Solr may be able to obtain or modify sensitive patient and financi...
Medhost Medhost Document Management System -
9.8
CVSSv3
CVE-2017-11614
MEDHOST Connex contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and financial informatio...
Medhost Connex -
NA
CVE-2015-0930
The web interface on SerVision HVG Video Gateway devices with firmware prior to 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote malicious users to obtain access via an HTTP session.
Servision Hvg Video Gateway Firmware
9.8
CVSSv3
CVE-2017-11743
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability to communicate directly with the Mirth Connect management console may be able to ...
Medhost Connex -
NA
CVE-2015-0929
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware prior to 2.2.26a78 allows remote malicious users to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response.
Servision Hvg Video Gateway Firmware
7.5
CVSSv3
CVE-2013-1352
Verax NMS before 2.1.0 uses an encryption key that is hardcoded in a JAR archive.
Veraxsystems Network Management System
NA
CVE-2020-283292
Barco wePresent device firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Versions affected include 2.5.1.8, 2.5.0.25...
9.8
CVSSv3
CVE-2019-6698
Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder d...
Fortinet Fortirecorder Firmware
9.8
CVSSv3
CVE-2018-20432
D-Link COVR-2600R and COVR-3902 Kit prior to 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated malicious users to gain privileged access to the router, and to extract sensitive data or modify the configuration.
Dlink Covr-2600r Firmware
Dlink Covr-3902 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »