Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2023-25187
An issue exists on NOKIA Airscale ASIKA Single RAN devices prior to 21B. Nokia Single RAN commissioning procedures do not change (factory-time installed) default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH s...
Nokia Asika Airscale Firmware 19b
Nokia Asika Airscale Firmware 20a
Nokia Asika Airscale Firmware 20b
Nokia Asika Airscale Firmware 20c
Nokia Asika Airscale Firmware 21a
1 EDB exploit
NA
CVE-2015-2903
The CWSAPI SOAP service in HP ArcSight SmartConnectors prior to 7.1.6 has a hardcoded password, which makes it easier for remote malicious users to obtain administrative access by leveraging knowledge of this password.
Hp Arcsight Smartconnectors
NA
CVE-2023-39458
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not...
NA
CVE-2023-39465
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication i...
NA
CVE-2023-44411
D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote malicious users to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. ...
NA
CVE-2015-2902
HP ArcSight SmartConnectors prior to 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle malicious users to spoof devices and obtain sensitive information via a crafted certificate.
Hp Arcsight Smartconnectors
7.5
CVSSv3
CVE-2016-5650
ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 configuration setting, which allows remote malicious users to trigger association with an arbitrary access point by using a recognized SSID value.
Zmodo Zp-ibh-13w -
Zmodo Zp-ne-14-s -
9.8
CVSSv3
CVE-2016-5081
ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote malicious users to obtain access via a TELNET session.
Zmodo Zp-ne-14-s -
Zmodo Zp-ibh-13w -
5.3
CVSSv3
CVE-2015-8287
Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote malicious users to watch live video by visiting an unspecified URL.
Swann Swnvw-470cam Firmware
Swann Srnvw-470lcd Firmware
5.9
CVSSv3
CVE-2015-8288
NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and previous versions use the same hardcoded private key across different customers' installations, which allows remote malicious users to defeat cryptographic protection mechanisms by leve...
Netgear D3600 Firmware 1.0.0.49
Netgear D6000 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »