Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-0329
The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote malicious users to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the pass...
Zte Zxv10 W300 2.1.0
1 EDB exploit
8.8
CVSSv3
CVE-2021-27254
This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the u...
Netgear Br200 Firmware
Netgear Br500 Firmware
Netgear D7800 Firmware
Netgear Ex6100v2 Firmware
Netgear Ex6150v2 Firmware
Netgear Ex6250 Firmware
Netgear Ex6400 Firmware
Netgear Ex6400v2 Firmware
Netgear Ex6410 Firmware
Netgear Ex6420 Firmware
Netgear Ex7300 Firmware
Netgear Ex7300v2 Firmware
Netgear Ex7320 Firmware
Netgear Ex7700 Firmware
Netgear Ex8000 Firmware
Netgear Lbr20 Firmware
Netgear R7800 Firmware
Netgear R8900 Firmware
Netgear R9000 Firmware
Netgear Rbk12 Firmware
Netgear Rbk13 Firmware
Netgear Rbk14 Firmware
8.8
CVSSv3
CVE-2021-23845
This vulnerability could allow an malicious user to hijack a session while a user is logged in the configuration web page. This vulnerability exists by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed already ...
Bosch B426 Firmware
Bosch B426-cn Firmware
Bosch B429-cn Firmware
Bosch B426-m Firmware
9.8
CVSSv3
CVE-2021-33218
An issue exists in CommScope Ruckus IoT Controller 1.7.1.0 and previous versions. There are Hard-coded System Passwords that provide shell access.
Commscope Ruckus Iot Controller
NA
CVE-2012-4952
Henry Schein Dentrix G5 prior to 15.1.294 has a single internal-database password that is shared across different customers' installations, which allows remote malicious users to obtain sensitive information about patients by leveraging knowledge of this password from anothe...
Dentrix G5
NA
CVE-2023-32169
This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TokenUtils class. The issue results from a hard-coded cryptographic ke...
9.8
CVSSv3
CVE-2023-30912
A remote code execution issue exists in HPE OneView.
Hpe Oneview
NA
CVE-2015-2897
Sierra Wireless ALEOS prior to 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote malicious users to obtain administrative access via a (1) SSH or (2) TELNET session.
Sierrawireless Aleos
9.8
CVSSv3
CVE-2016-4328
MEDHOST Perioperative Information Management System (aka PIMS or VPIMS) prior to 2015R1 has hardcoded credentials, which makes it easier for remote malicious users to obtain sensitive information via direct requests to the application database server.
Medhost Perioperative Information Management System -
1 Article
NA
CVE-2023-44411
This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the InstallApplication class. The class contains a hard-coded password for...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »