Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-2902
HP ArcSight SmartConnectors prior to 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle malicious users to spoof devices and obtain sensitive information via a crafted certificate.
Hp Arcsight Smartconnectors
6.9
CVSSv2
CVE-2015-2903
The CWSAPI SOAP service in HP ArcSight SmartConnectors prior to 7.1.6 has a hardcoded password, which makes it easier for remote malicious users to obtain administrative access by leveraging knowledge of this password.
Hp Arcsight Smartconnectors
NA
CVE-2023-39465
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication i...
NA
CVE-2023-39458
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not...
10
CVSSv2
CVE-2016-5081
ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote malicious users to obtain access via a TELNET session.
Zmodo Zp-ne-14-s -
Zmodo Zp-ibh-13w -
NA
CVE-2023-44411
D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote malicious users to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. ...
NA
CVE-2023-25187
An issue exists on NOKIA Airscale ASIKA Single RAN devices prior to 21B. Nokia Single RAN commissioning procedures do not change (factory-time installed) default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH s...
Nokia Asika Airscale Firmware 19b
Nokia Asika Airscale Firmware 20a
Nokia Asika Airscale Firmware 20b
Nokia Asika Airscale Firmware 20c
Nokia Asika Airscale Firmware 21a
1 EDB exploit
5
CVSSv2
CVE-2015-8287
Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote malicious users to watch live video by visiting an unspecified URL.
Swann Swnvw-470cam Firmware
Swann Srnvw-470lcd Firmware
4.3
CVSSv2
CVE-2015-8289
The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and previous versions allows remote malicious users to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
Netgear D3600 Firmware 1.0.0.49
Netgear D6000 Firmware
4.3
CVSSv2
CVE-2015-8288
NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and previous versions use the same hardcoded private key across different customers' installations, which allows remote malicious users to defeat cryptographic protection mechanisms by leve...
Netgear D3600 Firmware 1.0.0.49
Netgear D6000 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »