Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2017-11693
MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and ...
Medhost Medhost Document Management System -
5
CVSSv2
CVE-2017-6054
A Use of Hard-Coded Cryptographic Key issue exists in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user information.
Hyundaiusa Blue Link 3.9.4
Hyundaiusa Blue Link 3.9.5
7.2
CVSSv2
CVE-2021-27452
The software contains a hard-coded password that could allow an malicious user to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
5
CVSSv2
CVE-2017-6039
A Use of Hard-Coded Password issue exists in Phoenix Broadband PowerAgent SC3 BMS, all versions prior to v6.87. Use of a hard-coded password may allow unauthorized access to the device.
Phoenixbroadband Poweragent Sc3 Bms Firmware
NA
CVE-2022-47617
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system files using the hard-coded keys for file access, modification, and cause service disruption.
Hitrontech Coda-5310 Firmware -
8.5
CVSSv2
CVE-2021-36312
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system.
Dell Cloudlink
NA
CVE-2022-32967
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.
Realtek Rtl8111ep-cg Firmware 5.0.10
Realtek Rtl8111ep-cg Firmware
Realtek Rtl8111fp-cg Firmware 5.0.10
Realtek Rtl8111fp-cg Firmware
NA
CVE-2023-23770
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.
Motorola Mbts Site Controller Firmware R05.32.58
NA
CVE-2023-34338
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
Ami Megarac Sp-x 12
Ami Megarac Sp-x 13
NA
CVE-2022-34462
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges.
Dell Emc Secure Connect Gateway Policy Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »