Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-9493
The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the malicious user to learn the location of...
Mycarcontrols Mycar Controls
NA
CVE-2009-3710
RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username (dbadmin) and password (sq!us3r) for an SSH tunnel, which allows remote malicious users to gain privileges via port 8022.
Riorey Rios 4.7.0
Riorey Rios 4.6.6
1 EDB exploit
9.8
CVSSv3
CVE-2018-10578
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15, and AP300 devices with firmware prior to 2.0.0.10. Incorrect validation of the "old password" field in the change password form allows an malicious user to bypass validation o...
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
Watchguard Ap300 Firmware
7.8
CVSSv3
CVE-2023-22360
Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and previous versions due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to informat...
Jtekt Screen Creator Advance 2 0.1.1.4
Jtekt Screen Creator Advance 2
NA
CVE-2006-4950
Cisco IOS 12.2 up to and including 12.4 prior to 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allow...
Cisco Ios 12.3\\(11\\)t4
Cisco Ios 12.3\\(11\\)t5
Cisco Ios 12.3\\(11\\)yf2
Cisco Ios 12.3\\(11\\)yf3
Cisco Ios 12.3\\(11\\)yr
Cisco Ios 12.3\\(11\\)ys
Cisco Ios 12.3\\(13a\\)
Cisco Ios 12.3\\(13a\\)bc
Cisco Ios 12.3\\(14\\)ym4
Cisco Ios 12.3\\(14\\)yq
Cisco Ios 12.3\\(15\\)
Cisco Ios 12.3\\(15b\\)
Cisco Ios 12.3\\(2\\)t3
Cisco Ios 12.3\\(2\\)t8
Cisco Ios 12.3\\(2\\)xe3
Cisco Ios 12.3\\(2\\)xe4
Cisco Ios 12.3\\(4\\)t1
Cisco Ios 12.3\\(4\\)t2
Cisco Ios 12.3\\(4\\)xd2
Cisco Ios 12.3\\(4\\)xe4
Cisco Ios 12.3\\(4\\)xk1
Cisco Ios 12.3\\(4\\)xk3
NA
CVE-2013-4866
The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate malicious users to trigger physical resource consumption (water or heat) or user discomfort.
Lixil My Satis Genius Toilet -
7.5
CVSSv3
CVE-2019-10920
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an u...
Siemens Logo\\!8 Bm Firmware
NA
CVE-2001-0839
ibillpm.pl in iBill password management system generates weak passwords based on a client's MASTER_ACCOUNT, which allows remote malicious users to modify account information in the .htpasswd file via brute force password guessing.
Ibill Internet Billing Company Processing Plus
1 EDB exploit
9.8
CVSSv3
CVE-2016-6532
DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote malicious users to obtain administrative access by entering this password in a DEXIS_DATA SQL Server session.
Dexis Imaging Suite
8.1
CVSSv3
CVE-2018-4062
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activat...
Sierrawireless Airlink Es450 Firmware 4.9.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »