Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2012-1288
The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote malicious users to obtain access via an HTTP session.
Utc Utc Fire \\& Security Ge-mc100-ntp\\/gps-zb Master Clock Device -
NA
CVE-2023-35724
D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vu...
1000
VMScore
CVE-2018-5724
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
1000
VMScore
CVE-2018-5723
MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
890
VMScore
CVE-2017-12574
An issue exists on PLANEX CS-W50HD devices with firmware prior to 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows malicious users to gain unauthorized access ...
Planex Cs-w50hd Firmware
505
VMScore
CVE-2018-5725
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
505
VMScore
CVE-2018-5726
MASTER IPCAMERA01 3.3.4.2103 devices allow remote malicious users to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
890
VMScore
CVE-2017-12577
An issue exists on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows malicious users to use a hidden API URL "/goform/SystemCommand" to execute any command with root permission.
Planex Cs-qr20 Firmware 1.30
Planex Smacam Night Vision -
320
VMScore
CVE-2012-3355
(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and previous versions allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.
Gnome Rhythmbox 0.12.8
Gnome Rhythmbox 0.12.7
Gnome Rhythmbox 0.12.6
Gnome Rhythmbox 0.11.6
Gnome Rhythmbox 0.11.5
Gnome Rhythmbox 0.10.0
Gnome Rhythmbox 0.10.0.90
Gnome Rhythmbox 0.9.3
Gnome Rhythmbox 0.9.3.1
Gnome Rhythmbox 0.8.5
Gnome Rhythmbox 0.8.4
Gnome Rhythmbox 0.7.0
Gnome Rhythmbox 0.6.8
Gnome Rhythmbox 0.6.0
Gnome Rhythmbox 0.5.88
Gnome Rhythmbox 0.13.1
Gnome Rhythmbox 0.13.0
Gnome Rhythmbox 0.12.1
Gnome Rhythmbox 0.12.0
Gnome Rhythmbox 0.11.0
Gnome Rhythmbox 0.10.1
Gnome Rhythmbox 0.9.5
505
VMScore
CVE-2013-2572
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
Tp-link Tl-sc 3130 Firmware
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »