Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backdoor vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2011-2523
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
Vsftpd Project Vsftpd 2.3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2 Nmap scripts
40 Github repositories
8.1
CVSSv3
CVE-2017-6351
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hard...
Wepresent Wipg-1500 Firmware 1.0.3.7
1 EDB exploit
8.8
CVSSv3
CVE-2016-10401
ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it easier for remote malicious users to obtain root access if a non-root account password is known (or a non-root default account exists within an ISP's deployment of these devices).
Zyxel Pk5001z Firmware -
1 EDB exploit
1 Github repository
NA
CVE-2015-0964
600,000 cable modems have an easy to pop backdoor in a backdoor
1 Article
NA
CVE-2012-2441
RuggedCom Rugged Operating System (ROS) prior to 3.3 has a factory account with a password derived from the MAC Address field in a banner, which makes it easier for remote malicious users to obtain access by performing a calculation on this address value, and then establishing a ...
Siemens Ruggedcom Rugged Operating System
1 EDB exploit
NA
CVE-2012-0209
Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote malicious u...
Horde Groupware 1.2.10
Horde Horde 3.3.12
1 EDB exploit
NA
CVE-2012-5159
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote malicious users to execute arbitrary PHP code via an eval injection att...
Phpmyadmin Phpmyadmin 3.5.2.2
1 EDB exploit
9.8
CVSSv3
CVE-2020-15921
Mida eFramework up to and including 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution.
Midasolutions Eframework
NA
CVE-1999-0661
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8...
1 EDB exploit
NA
CVE-2000-1230
Backdoor in auth.php3 in Phorum 3.0.7 allows remote malicious users to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
Phorum Phorum 3.0.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »