Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-51629
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerabili...
NA
CVE-2019-0034
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a vulnerability. Notes: Google gRPC credentials were found which existed for specific internal product testing purposes which are not u...
1 Article
9.8
CVSSv3
CVE-2017-17107
Zivif PR115-204-P-RS V2.3.4.2103 web cameras contain a hard-coded cat1029 password for the root user. The SONIX operating system's setup renders this password unchangeable and it can be used to access the device via a TELNET session.
Zivif Pr115-204-p-rs Firmware 2.3.4.2103
9.8
CVSSv3
CVE-2017-17106
Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated remote attacker using a standard web /cgi-bin/hi3510/param.cgi?cmd=getuser HTTP request. This vulnerability exists because of a lack of authentication checks in requests to CGI pages.
Zivif Pr115-204-p-rs Firmware 2.3.4.2103
9.8
CVSSv3
CVE-2013-6236
IZON IP 2.0.2: hard-coded password vulnerability
Izoncam Izon Ip Firmware 2.0.2
1 EDB exploit
NA
CVE-2023-39482
Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is requir...
NA
CVE-2014-0329
The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote malicious users to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the pass...
Zte Zxv10 W300 2.1.0
1 EDB exploit
NA
CVE-2012-1288
The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote malicious users to obtain access via an HTTP session.
Utc Utc Fire \\& Security Ge-mc100-ntp\\/gps-zb Master Clock Device -
NA
CVE-2023-35724
D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vu...
9.8
CVSSv3
CVE-2020-28329
Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s): 2.5.1.8, 2.5.0.25,...
Barco Wepresent Wipg-1600w Firmware 2.4.1.19
Barco Wepresent Wipg-1600w Firmware 2.5.0.24
Barco Wepresent Wipg-1600w Firmware 2.5.0.25
Barco Wepresent Wipg-1600w Firmware 2.5.1.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »