Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
6.9
CVSSv2
CVE-2015-2903
The CWSAPI SOAP service in HP ArcSight SmartConnectors prior to 7.1.6 has a hardcoded password, which makes it easier for remote malicious users to obtain administrative access by leveraging knowledge of this password.
Hp Arcsight Smartconnectors
10
CVSSv2
CVE-2016-5081
ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote malicious users to obtain access via a TELNET session.
Zmodo Zp-ne-14-s -
Zmodo Zp-ibh-13w -
NA
CVE-2023-39465
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TmwCrypto class. The issue results f...
NA
CVE-2023-44411
This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the InstallApplication class. The class contains a hard-coded password for...
NA
CVE-2023-39458
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of certificates. The servi...
5
CVSSv2
CVE-2016-5650
ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 configuration setting, which allows remote malicious users to trigger association with an arbitrary access point by using a recognized SSID value.
Zmodo Zp-ibh-13w -
Zmodo Zp-ne-14-s -
6.8
CVSSv2
CVE-2015-2902
HP ArcSight SmartConnectors prior to 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle malicious users to spoof devices and obtain sensitive information via a crafted certificate.
Hp Arcsight Smartconnectors
5
CVSSv2
CVE-2015-8287
Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote malicious users to watch live video by visiting an unspecified URL.
Swann Swnvw-470cam Firmware
Swann Srnvw-470lcd Firmware
4.3
CVSSv2
CVE-2015-8288
NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and previous versions use the same hardcoded private key across different customers' installations, which allows remote malicious users to defeat cryptographic protection mechanisms by leve...
Netgear D3600 Firmware 1.0.0.49
Netgear D6000 Firmware
4.3
CVSSv2
CVE-2015-8289
The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and previous versions allows remote malicious users to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
Netgear D3600 Firmware 1.0.0.49
Netgear D6000 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »