Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-42973
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions p...
Schneider-electric Apc Easy Ups Online Monitoring Software
Schneider-electric Easy Ups Online Monitoring Software
755
VMScore
CVE-2018-10575
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15. Hardcoded credentials exist for an unprivileged SSH account with a shell of /bin/false.
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
1 EDB exploit
465
VMScore
CVE-2018-10576
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15. Improper authentication handling by the native Access Point web UI allows authentication using a local system account (instead of the dedicated web-only user).
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
1 EDB exploit
905
VMScore
CVE-2018-10577
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15, and AP300 devices with firmware prior to 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowin...
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
Watchguard Ap300 Firmware
1 EDB exploit
890
VMScore
CVE-2010-1574
IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote malicious users to modify the configuration or obtain potenti...
Cisco Ios 12.2\\(52\\)se1
Cisco Ios 12.2\\(52\\)se
Cisco Industrial Ethernet 3000
1000
VMScore
CVE-2005-2611
VERITAS Backup Exec for Windows Servers 8.6 up to and including 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 up to and including 5.1 uses a static password during authentication from the NDMP agent to the server, which allow...
Symantec Veritas Backup Exec Netware Servers 9.0.4170
Symantec Veritas Backup Exec Netware Servers 9.0.4172
Symantec Veritas Backup Exec Netware Servers 9.1.1152 .4
Symantec Veritas Backup Exec Netware Servers 9.1.1154
Symantec Veritas Backup Exec Windows Servers 8.6
Symantec Veritas Backup Exec Windows Servers 9.0
Symantec Veritas Backup Exec Windows Servers 9.1 Rev. 4691 Sp2
Symantec Veritas Backup Exec Remote Agent Netware Server
Symantec Veritas Netbackup Netware Media Servers 4.5 Fp5
Symantec Veritas Netbackup Netware Media Servers 4.5 Fp6
Symantec Veritas Netbackup Netware Media Servers 4.5 Mp5
Symantec Veritas Netbackup Netware Media Servers 4.5 Mp6
Symantec Veritas Netbackup Netware Media Servers 5.0 Mp4
Symantec Veritas Netbackup Netware Media Servers 5.0 Mp5
Symantec Veritas Netbackup Netware Media Servers 5.1
Symantec Veritas Backup Exec Netware Servers 9.1.1067 .2
Symantec Veritas Backup Exec Netware Servers 9.1.1067 .3
Symantec Veritas Backup Exec Netware Servers 9.1.1127 .1
Symantec Veritas Backup Exec Netware Servers 9.1.307
Symantec Veritas Backup Exec Windows Servers 10.0 Rev. 5484
Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4454
Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4454 Sp1
1 EDB exploit
668
VMScore
CVE-2021-33219
An issue exists in CommScope Ruckus IoT Controller 1.7.1.0 and previous versions. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.
Commscope Ruckus Iot Controller
NA
CVE-2023-39169
The affected devices use publicly available default credentials with administrative privileges.
Enbw Senec Storage Box Firmware -
NA
CVE-2022-29889
A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. Use of a hard-coded root password can lead to arbitrary command execution. An attacker can authenticate with hard-coded credentials to trigger this vul...
Goabode Iota All-in-one Security Kit Firmware 6.9z
668
VMScore
CVE-2017-11743
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability to communicate directly with the Mirth Connect management console may be able to ...
Medhost Connex -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »