hard-coded vulnerabilities and exploits

(subscribe to this query)

5.9

CVSSv3

Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that is used during an administrator's SSL conversation....

Fortinet Fcm-mb40 Firmware 1.2.0.0

9.8

EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented hard-coded privileged user....

Exfo Bv-10 Firmware -1 Github repository available

8.8

CVSSv3

Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code execution by an authenticated attacker....

Draeger X-dock Firmware1 Github repository available

9.8

CVSSv3

SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password....

Sick Msc800 Firmware

7.5

CVSSv3

A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any...

Westermo Mrd-305-din Firmware -Westermo Mrd-315-din Firmware -Westermo Mrd-355-din Firmware -Westermo Mrd-455-din Firmware -

7.5

CVSSv3

Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and...

Dell Emc Data Protection Advisor 6.4 Dell Emc Data Protection Advisor 6.5 Dell Emc Data Protection Advisor 18.11 Github repository available

9.8

CVSSv3

backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@##$$%FREDESWWSED' for a backdoor user....

Seagate Blackarmor Nas 220 Firmware -Seagate Blackarmor Nas 110 Firmware -

7.5

Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt sensitive information....

Akuvox E11 Firmware -

9.8

CVSSv3

A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged...

Bd Performa Bd Kla Journal Service

8.2

CVSSv3

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries....

Auvesy Versiondog1 Github repository available

Get Started

« PREV 1 2 3 4 5 6 7 8 9 10 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook