Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-6698
Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder d...
Fortinet Fortirecorder Firmware
9.8
CVSSv3
CVE-2017-11614
MEDHOST Connex contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and financial informatio...
Medhost Connex -
9.1
CVSSv3
CVE-2017-11693
MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and ...
Medhost Medhost Document Management System -
9.1
CVSSv3
CVE-2017-11694
MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with Apache Solr may be able to obtain or modify sensitive patient and financi...
Medhost Medhost Document Management System -
9.8
CVSSv3
CVE-2018-20432
D-Link COVR-2600R and COVR-3902 Kit prior to 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated malicious users to gain privileged access to the router, and to extract sensitive data or modify the configuration.
Dlink Covr-2600r Firmware
Dlink Covr-3902 Firmware
9.8
CVSSv3
CVE-2017-11743
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability to communicate directly with the Mirth Connect management console may be able to ...
Medhost Connex -
NA
CVE-2015-0929
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware prior to 2.2.26a78 allows remote malicious users to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response.
Servision Hvg Video Gateway Firmware
NA
CVE-2015-0930
The web interface on SerVision HVG Video Gateway devices with firmware prior to 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote malicious users to obtain access via an HTTP session.
Servision Hvg Video Gateway Firmware
9.8
CVSSv3
CVE-2017-12574
An issue exists on PLANEX CS-W50HD devices with firmware prior to 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows malicious users to gain unauthorized access ...
Planex Cs-w50hd Firmware
NA
CVE-2020-283292
Barco wePresent device firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Versions affected include 2.5.1.8, 2.5.0.25...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »