Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-8289
The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and previous versions allows remote malicious users to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
Netgear D3600 Firmware 1.0.0.49
Netgear D6000 Firmware
1000
VMScore
CVE-2005-2611
VERITAS Backup Exec for Windows Servers 8.6 up to and including 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 up to and including 5.1 uses a static password during authentication from the NDMP agent to the server, which allow...
Symantec Veritas Backup Exec Netware Servers 9.0.4170
Symantec Veritas Backup Exec Netware Servers 9.0.4172
Symantec Veritas Backup Exec Netware Servers 9.1.1152 .4
Symantec Veritas Backup Exec Netware Servers 9.1.1154
Symantec Veritas Backup Exec Windows Servers 8.6
Symantec Veritas Backup Exec Windows Servers 9.0
Symantec Veritas Backup Exec Windows Servers 9.1 Rev. 4691 Sp2
Symantec Veritas Backup Exec Remote Agent Netware Server
Symantec Veritas Netbackup Netware Media Servers 4.5 Fp5
Symantec Veritas Netbackup Netware Media Servers 4.5 Fp6
Symantec Veritas Netbackup Netware Media Servers 4.5 Mp5
Symantec Veritas Netbackup Netware Media Servers 4.5 Mp6
Symantec Veritas Netbackup Netware Media Servers 5.0 Mp4
Symantec Veritas Netbackup Netware Media Servers 5.0 Mp5
Symantec Veritas Netbackup Netware Media Servers 5.1
Symantec Veritas Backup Exec Netware Servers 9.1.1067 .2
Symantec Veritas Backup Exec Netware Servers 9.1.1067 .3
Symantec Veritas Backup Exec Netware Servers 9.1.1127 .1
Symantec Veritas Backup Exec Netware Servers 9.1.307
Symantec Veritas Backup Exec Windows Servers 10.0 Rev. 5484
Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4454
Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4454 Sp1
1 EDB exploit
890
VMScore
CVE-2019-13352
WolfVision Cynap prior to 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN pass...
Wolfvision Cynap
465
VMScore
CVE-2016-6434
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
Cisco Firepower Management Center 6.0.1
1 EDB exploit
668
VMScore
CVE-2021-33219
An issue exists in CommScope Ruckus IoT Controller 1.7.1.0 and previous versions. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.
Commscope Ruckus Iot Controller
570
VMScore
CVE-2019-15304
Lierda Grill Temperature Monitor V1.00_50006 has a default password of admin for the admin account, which allows an malicious user to cause a Denial of Service or Information Disclosure via the undocumented access-point configuration page located on the device. This wifi thermome...
Progradegrill Wifi Grilling Thermometer Firmware 1.00 50006
505
VMScore
CVE-2016-5639
Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware prior to 1.4.0.13 allows remote malicious users to read arbitrary files via a .. (dot dot) in the src parameter.
Crestron Airmedia Am-100 Firmware
1 EDB exploit
1 Github repository
641
VMScore
CVE-2018-0141
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an unauthenticated, local malicious user to log in to the underlying Linux operating system. The vulnerability is due to a hard-coded account password on the system. An attacker could exploi...
Cisco Prime Collaboration Provisioning 11.6
Cisco Prime Collaboration 11.6
Cisco Prime Collaboration Assurance 11.6
1 Article
855
VMScore
CVE-2012-1803
RuggedCom Rugged Operating System (ROS) 3.10.x and previous versions has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote malicious users to obtain access by performing a calculation on this address value, and th...
Siemens Ruggedcom Rugged Operating System
1 EDB exploit
NA
CVE-2022-42973
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions p...
Schneider-electric Apc Easy Ups Online Monitoring Software
Schneider-electric Easy Ups Online Monitoring Software
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »