Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-7265
Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH).
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1 EDB exploit
10
CVSSv2
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
10
CVSSv2
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
10
CVSSv2
CVE-2019-12776
An issue exists on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They include a hard-coded SSH backdoor for remote SSH and SCP access as the root user. A command in the relocate and relocate_revB scripts copies the hardc...
Enttec Datagate Mk2 Firmware 70044
Enttec Storm 24 Firmware 70044
Enttec Pixelator Firmware 70044
Enttec E-streamer Mk2 Firmware 70044
10
CVSSv2
CVE-2019-1804
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote malicious user to connect to the affected system with the privileges of the root user. The vulnerability ...
Cisco Nexus 9332pq Firmware 14.0\\(3d\\)
Cisco Nexus 93180yc-ex Firmware 14.0\\(3d\\)
Cisco Nexus 93128tx Firmware 14.0\\(3d\\)
Cisco Nexus 93120tx Firmware 14.0\\(3d\\)
Cisco Nexus 93108tc-ex Firmware 14.0\\(3d\\)
Cisco Nexus 9516 Firmware 14.0\\(3d\\)
Cisco Nexus 9508 Firmware 14.0\\(3d\\)
Cisco Nexus 9504 Firmware 14.0\\(3d\\)
Cisco Nexus 9500 Firmware 14.0\\(3d\\)
Cisco Nexus 9396tx Firmware 14.0\\(3d\\)
Cisco Nexus 9396px Firmware 14.0\\(3d\\)
Cisco Nexus 9372tx Firmware 14.0\\(3d\\)
Cisco Nexus 9372px Firmware 14.0\\(3d\\)
1 Article
10
CVSSv2
CVE-2019-9160
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and previous versions has a backdoor account allowing a remote malicious user to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated...
Xinruidz Sundray Wan Controller Firmware
10
CVSSv2
CVE-2018-17565
Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows malicious users to execute arbitrary system commands and gain a root shell.
Grandstream Gxp1610 Firmware 1.0.4.128
Grandstream Gxp1615 Firmware 1.0.4.128
Grandstream Gxp1620 Firmware 1.0.4.128
Grandstream Gxp1625 Firmware 1.0.4.128
Grandstream Gxp1628 Firmware 1.0.4.128
Grandstream Gxp1630 Firmware 1.0.4.128
10
CVSSv2
CVE-2018-18473
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV Series devices with firmware version 1.10 or earlier, and NBM Series devices with firmware version 1.09 or earlier allow malicious users to enable an SSH daemon via the "kankichi&q...
Patlite Nbm-d88n Firmware -
Patlite Nhl-3fb1 Firmware -
Patlite Nhl-3fv1n Firmware -
10
CVSSv2
CVE-2019-3918
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces.
Nokia I-240w-q Gpon Ont Firmware 3fe54567bozj19
10
CVSSv2
CVE-2018-5399
The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. The server is configured to...
Auto-maskin Dcu-210e Firmware
Auto-maskin Rp-210e Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »