Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2019-9160
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and previous versions has a backdoor account allowing a remote malicious user to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated...
Xinruidz Sundray Wan Controller Firmware
890
VMScore
CVE-2018-17565
Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows malicious users to execute arbitrary system commands and gain a root shell.
Grandstream Gxp1610 Firmware 1.0.4.128
Grandstream Gxp1615 Firmware 1.0.4.128
Grandstream Gxp1620 Firmware 1.0.4.128
Grandstream Gxp1625 Firmware 1.0.4.128
Grandstream Gxp1628 Firmware 1.0.4.128
Grandstream Gxp1630 Firmware 1.0.4.128
890
VMScore
CVE-2018-18473
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV Series devices with firmware version 1.10 or earlier, and NBM Series devices with firmware version 1.09 or earlier allow malicious users to enable an SSH daemon via the "kankichi&q...
Patlite Nbm-d88n Firmware -
Patlite Nhl-3fb1 Firmware -
Patlite Nhl-3fv1n Firmware -
890
VMScore
CVE-2019-3918
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces.
Nokia I-240w-q Gpon Ont Firmware 3fe54567bozj19
890
VMScore
CVE-2018-5399
The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. The server is configured to...
Auto-maskin Dcu-210e Firmware
Auto-maskin Rp-210e Firmware
890
VMScore
CVE-2018-0035
QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Enviro...
Juniper Junos 15.1x53
890
VMScore
CVE-2018-12338
Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access.
Ecos System Management Appliance 5.2.68
890
VMScore
CVE-2018-12336
Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to extract confidential information via remote root SSH access.
Ecos Secure Boot Stick Firmware 5.6.5
890
VMScore
CVE-2016-9335
A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride-Managed Ethernet Switches running firmware Version 5.0.190. Vulnerable versions of Stride-Managed Ethernet switches and ...
Redlion Sixnet-managed Industrial Switches Firmware
Redlion Stride-managed Ethernet Switches Firmware
890
VMScore
CVE-2017-14459
An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject commands via the username param...
Moxa Awk-3131a Firmware 1.7
Moxa Awk-3131a Firmware 1.5
Moxa Awk-3131a Firmware 1.4
Moxa Awk-3131a Firmware 1.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »