Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2018-10576
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15. Improper authentication handling by the native Access Point web UI allows authentication using a local system account (instead of the dedicated web-only user).
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
1 EDB exploit
9
CVSSv2
CVE-2018-10577
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15, and AP300 devices with firmware prior to 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowin...
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
Watchguard Ap300 Firmware
1 EDB exploit
7.5
CVSSv2
CVE-2018-10575
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15. Hardcoded credentials exist for an unprivileged SSH account with a shell of /bin/false.
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
1 EDB exploit
NA
CVE-2023-39169
The affected devices use publicly available default credentials with administrative privileges.
Enbw Senec Storage Box Firmware -
10
CVSSv2
CVE-2010-1574
IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote malicious users to modify the configuration or obtain potenti...
Cisco Ios 12.2\\(52\\)se1
Cisco Ios 12.2\\(52\\)se
Cisco Industrial Ethernet 3000
NA
CVE-2023-39167
In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data.
Enbw Senec Storage Box Firmware
NA
CVE-2023-39168
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it's a duplicate of CVE-2023-39167.
NA
CVE-2022-29889
A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. Use of a hard-coded root password can lead to arbitrary command execution. An attacker can authenticate with hard-coded credentials to trigger this vul...
Goabode Iota All-in-one Security Kit Firmware 6.9z
6.4
CVSSv2
CVE-2017-11694
MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with Apache Solr may be able to obtain or modify sensitive patient and financi...
Medhost Medhost Document Management System -
7.5
CVSSv2
CVE-2017-11743
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability to communicate directly with the Mirth Connect management console may be able to ...
Medhost Connex -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »