Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2013-6236
IZON IP 2.0.2: hard-coded password vulnerability
Izoncam Izon Ip Firmware 2.0.2
1 EDB exploit
890
VMScore
CVE-2016-2343
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote malicious users to obtain sensitive Dental.DB patient information via SQL statements.
Patterson Dental Eaglesoft 17.0
445
VMScore
CVE-2016-2364
The Chrome HUDweb plugin prior to 2016-05-05 for Fonality (previously trixbox Pro) 12.6 up to and including 14.1i uses the same hardcoded private key across different customers' installations, which allows remote malicious users to defeat cryptographic protection mechanisms ...
Fonality Hud Web
Fonality Fonality 12.8
Fonality Fonality 12.6
Fonality Fonality 14.1i
NA
CVE-2024-29011
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability. This issue affects GMS: 9.3.4 and previous versions versions.
NA
CVE-2021-332192
An undocumented, administrative-level, hard-coded web application account exists in the IoT Controller OVA which cannot be changed by the customer.
890
VMScore
CVE-2016-2362
Fonality (previously trixbox Pro) 12.6 up to and including 14.1i prior to 2016-06-01 has a hardcoded password for the FTP account, which allows remote malicious users to obtain access via a (1) FTP or (2) SSH connection.
Fonality Fonality 12.6
Fonality Fonality 12.8
Fonality Fonality 14.1i
641
VMScore
CVE-2016-2363
Fonality (previously trixbox Pro) 12.6 up to and including 14.1i prior to 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command execution by leveraging access to the nobody account.
Fonality Fonality 12.6
Fonality Fonality 14.1i
Fonality Fonality 12.8
NA
CVE-2023-2611
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users.
Advantech R-seenet
739
VMScore
CVE-2021-27254
This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the u...
Netgear Br200 Firmware
Netgear Br500 Firmware
Netgear D7800 Firmware
Netgear Ex6100v2 Firmware
Netgear Ex6150v2 Firmware
Netgear Ex6250 Firmware
Netgear Ex6400 Firmware
Netgear Ex6400v2 Firmware
Netgear Ex6410 Firmware
Netgear Ex6420 Firmware
Netgear Ex7300 Firmware
Netgear Ex7300v2 Firmware
Netgear Ex7320 Firmware
Netgear Ex7700 Firmware
Netgear Ex8000 Firmware
Netgear Lbr20 Firmware
Netgear R7800 Firmware
Netgear R8900 Firmware
Netgear R9000 Firmware
Netgear Rbk12 Firmware
Netgear Rbk13 Firmware
Netgear Rbk14 Firmware
641
VMScore
CVE-2021-31505
This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3_278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a spe...
Arlo Q Plus Firmware 1.9.0.3 278
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »