Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39458
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not...
NA
CVE-2023-39465
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication i...
7
CVSSv3
CVE-2023-25187
An issue exists on NOKIA Airscale ASIKA Single RAN devices prior to 21B. Nokia Single RAN commissioning procedures do not change (factory-time installed) default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH s...
Nokia Asika Airscale Firmware 19b
Nokia Asika Airscale Firmware 20a
Nokia Asika Airscale Firmware 20b
Nokia Asika Airscale Firmware 20c
Nokia Asika Airscale Firmware 21a
1 EDB exploit
NA
CVE-2015-2902
HP ArcSight SmartConnectors prior to 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle malicious users to spoof devices and obtain sensitive information via a crafted certificate.
Hp Arcsight Smartconnectors
NA
CVE-2015-2903
The CWSAPI SOAP service in HP ArcSight SmartConnectors prior to 7.1.6 has a hardcoded password, which makes it easier for remote malicious users to obtain administrative access by leveraging knowledge of this password.
Hp Arcsight Smartconnectors
NA
CVE-2023-44411
D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote malicious users to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. ...
7.5
CVSSv3
CVE-2016-5650
ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 configuration setting, which allows remote malicious users to trigger association with an arbitrary access point by using a recognized SSID value.
Zmodo Zp-ibh-13w -
Zmodo Zp-ne-14-s -
9.8
CVSSv3
CVE-2016-5081
ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote malicious users to obtain access via a TELNET session.
Zmodo Zp-ibh-13w -
Zmodo Zp-ne-14-s -
NA
CVE-2023-51588
Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local malicious users to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability...
7.5
CVSSv3
CVE-2015-8289
The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and previous versions allows remote malicious users to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
Netgear D3600 Firmware 1.0.0.49
Netgear D6000 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »