Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-25733
TP-Link IP cameras suffer from hard-coded credential and remote command execution vulnerabilities.
4.3
CVSSv2
CVE-2020-25986
A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows malicious users to change the password of a user.
Monocms Monocms 1.0
5
CVSSv2
CVE-2020-25987
MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the hash.
Monocms Monocms 1.0
6.8
CVSSv2
CVE-2015-4080
The Kankun Smart Socket device and mobile application uses a hardcoded AES 256 bit key, which makes it easier for remote malicious users to (1) obtain sensitive information by sniffing the network and (2) obtain access to the device by encrypting messages.
Kankun Smartsocket
NA
CVE-2011-3682
The Singtel 2Wire gateway router comes shipped with a hardcoded password that cannot be changed and suffers from a lack of cross site request forgery protection.
7.2
CVSSv2
CVE-2019-15015
In the Zingbox Inspector, versions 1.294 and previous versions, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system.
Zingbox Inspector
7.2
CVSSv2
CVE-2006-4082
Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges.
Barracuda Networks Barracuda Spam Firewall 3.3.03.053
5.8
CVSSv2
CVE-2019-7225
The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These...
Abb Cp620 Firmware
Abb Cp620-web Firmware
Abb Cp630 Firmware
Abb Cp630-web Firmware
Abb Cp635 Firmware
Abb Cp635-b Firmware
Abb Cp635-web Firmware
Abb Pb610 Firmware
Abb Cp651-web Firmware
Abb Cp661 Firmware
Abb Cp661-web Firmware
Abb Cp665 Firmware
Abb Cp665-web Firmware
Abb Cp676 Firmware
Abb Cp676-web Firmware
Abb Cp651 Firmware
4.3
CVSSv2
CVE-2018-15752
An issue exists in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. Cleartext Transmission of Sensitive Information allows man-in-the-middle malicious users to eavesdrop authentication information between the application and the server.
Mensamax Mensamax 4.3
5
CVSSv2
CVE-2018-15753
An issue exists in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password.
Mensamax Mensamax 4.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »