hard-coded vulnerabilities and exploits

(subscribe to this query)

9.8

CVSSv3

MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability to communicate directly with the Mirth Connect management console may be able to...

Medhost Connex -

2.1

RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information....

Realtek Rtl8111ep-cg Firmware 5.0.10 Realtek Rtl8111ep-cg Firmware Realtek Rtl8111fp-cg Firmware 5.0.10 Realtek Rtl8111fp-cg Firmware1 Github repository available

9.8

CVSSv3

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving attackers full control of...

Moxa Awk-3131a Firmware 1.11 Github repository available

5.3

CVSSv3

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device....

Westermo Mrd-305-din Firmware -Westermo Mrd-315-din Firmware -Westermo Mrd-355-din Firmware -Westermo Mrd-455-din Firmware -

7.5

In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow.sample....

Totolink A860r Firmware 4.1.2cu.5182 B202010272 Github repositories available

9.8

In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample....

Totolink T6 Firmware 4.1.5cu.709 B202105181 Github repository available

8

CVSSv3

The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded Cryptographic Key vulnerability. An unauthenticated remote attacker could reverse engineer the cryptographic system used in the Dell Wyse Password Encoder to discover the hard coded...

Dell Wyse Thinlinux

9.8

CVSSv3

Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5,0.9.4,0.10.0,0.10.1....

Gravitl Netmaker

7.8

CVSSv3

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist....

Commscope Ruckus Iot Controller

9.8

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP...

Dell Emc Secure Connect Gateway Policy Manager1 Github repository available

Get Started

« PREV 1 2 3 4 5 6 7 8 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook