Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backdoor vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2011-2523
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
Vsftpd Project Vsftpd 2.3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2 Nmap scripts
42 Github repositories
9
CVSSv2
CVE-2016-10401
ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it easier for remote malicious users to obtain root access if a non-root account password is known (or a non-root default account exists within an ISP's deployment of these devices).
Zyxel Pk5001z Firmware -
1 EDB exploit
1 Github repository
9.3
CVSSv2
CVE-2017-6351
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hard...
Wepresent Wipg-1500 Firmware 1.0.3.7
1 EDB exploit
NA
CVE-2015-0964
600,000 cable modems have an easy to pop backdoor in a backdoor
1 Article
8.5
CVSSv2
CVE-2012-2441
RuggedCom Rugged Operating System (ROS) prior to 3.3 has a factory account with a password derived from the MAC Address field in a banner, which makes it easier for remote malicious users to obtain access by performing a calculation on this address value, and then establishing a ...
Siemens Ruggedcom Rugged Operating System
1 EDB exploit
7.5
CVSSv2
CVE-2012-0209
Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote malicious u...
Horde Horde 3.3.12
Horde Groupware 1.2.10
1 EDB exploit
7.5
CVSSv2
CVE-2012-5159
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote malicious users to execute arbitrary PHP code via an eval injection att...
Phpmyadmin Phpmyadmin 3.5.2.2
1 EDB exploit
7.5
CVSSv2
CVE-2020-15921
Mida eFramework up to and including 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution.
Midasolutions Eframework
5
CVSSv2
CVE-2000-1230
Backdoor in auth.php3 in Phorum 3.0.7 allows remote malicious users to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
Phorum Phorum 3.0.7
1 EDB exploit
10
CVSSv2
CVE-1999-0661
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8...
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »