Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1288
The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote malicious users to obtain access via an HTTP session.
Utc Utc Fire \\& Security Ge-mc100-ntp\\/gps-zb Master Clock Device -
NA
CVE-2023-35724
D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vu...
9.8
CVSSv3
CVE-2018-5724
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
9.8
CVSSv3
CVE-2018-5723
MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
9.8
CVSSv3
CVE-2017-12574
An issue exists on PLANEX CS-W50HD devices with firmware prior to 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows malicious users to gain unauthorized access ...
Planex Cs-w50hd Firmware
7.5
CVSSv3
CVE-2018-5725
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
9.8
CVSSv3
CVE-2018-5726
MASTER IPCAMERA01 3.3.4.2103 devices allow remote malicious users to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
9.8
CVSSv3
CVE-2017-12577
An issue exists on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows malicious users to use a hidden API URL "/goform/SystemCommand" to execute any command with root permission.
Planex Cs-qr20 Firmware 1.30
Planex Smacam Night Vision -
NA
CVE-2012-3355
(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and previous versions allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.
Gnome Rhythmbox 0.12.8
Gnome Rhythmbox 0.12.7
Gnome Rhythmbox 0.12.6
Gnome Rhythmbox 0.11.6
Gnome Rhythmbox 0.11.5
Gnome Rhythmbox 0.10.0
Gnome Rhythmbox 0.10.0.90
Gnome Rhythmbox 0.9.3
Gnome Rhythmbox 0.9.3.1
Gnome Rhythmbox 0.8.5
Gnome Rhythmbox 0.8.4
Gnome Rhythmbox 0.7.0
Gnome Rhythmbox 0.6.8
Gnome Rhythmbox 0.6.0
Gnome Rhythmbox 0.5.88
Gnome Rhythmbox 0.13.1
Gnome Rhythmbox 0.13.0
Gnome Rhythmbox 0.12.1
Gnome Rhythmbox 0.12.0
Gnome Rhythmbox 0.11.0
Gnome Rhythmbox 0.10.1
Gnome Rhythmbox 0.9.5
7.5
CVSSv3
CVE-2013-2572
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
Tp-link Tl-sc 3130 Firmware
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »