Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2018-5724
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
1000
VMScore
CVE-2018-5723
MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
505
VMScore
CVE-2018-5725
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
505
VMScore
CVE-2018-5726
MASTER IPCAMERA01 3.3.4.2103 devices allow remote malicious users to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings.
Barni Master Ip Camera01 Firmware 3.3.4.2103
1 EDB exploit
890
VMScore
CVE-2017-12577
An issue exists on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows malicious users to use a hidden API URL "/goform/SystemCommand" to execute any command with root permission.
Planex Cs-qr20 Firmware 1.30
Planex Smacam Night Vision -
320
VMScore
CVE-2012-3355
(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and previous versions allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.
Gnome Rhythmbox 0.12.8
Gnome Rhythmbox 0.12.7
Gnome Rhythmbox 0.12.6
Gnome Rhythmbox 0.11.6
Gnome Rhythmbox 0.11.5
Gnome Rhythmbox 0.10.0
Gnome Rhythmbox 0.10.0.90
Gnome Rhythmbox 0.9.3
Gnome Rhythmbox 0.9.3.1
Gnome Rhythmbox 0.8.5
Gnome Rhythmbox 0.8.4
Gnome Rhythmbox 0.7.0
Gnome Rhythmbox 0.6.8
Gnome Rhythmbox 0.6.0
Gnome Rhythmbox 0.5.88
Gnome Rhythmbox 0.13.1
Gnome Rhythmbox 0.13.0
Gnome Rhythmbox 0.12.1
Gnome Rhythmbox 0.12.0
Gnome Rhythmbox 0.11.0
Gnome Rhythmbox 0.10.1
Gnome Rhythmbox 0.9.5
1000
VMScore
CVE-2013-2573
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
505
VMScore
CVE-2013-2572
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
Tp-link Tl-sc 3130 Firmware
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
383
VMScore
CVE-2015-9261
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox prior to 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
890
VMScore
CVE-2021-22707
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that c...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »