Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4080
The Kankun Smart Socket device and mobile application uses a hardcoded AES 256 bit key, which makes it easier for remote malicious users to (1) obtain sensitive information by sniffing the network and (2) obtain access to the device by encrypting messages.
Kankun Smartsocket
NA
CVE-2013-25733
TP-Link IP cameras suffer from hard-coded credential and remote command execution vulnerabilities.
8.4
CVSSv3
CVE-2019-15015
In the Zingbox Inspector, versions 1.294 and previous versions, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system.
Zingbox Inspector
NA
CVE-2011-3682
The Singtel 2Wire gateway router comes shipped with a hardcoded password that cannot be changed and suffers from a lack of cross site request forgery protection.
6.5
CVSSv3
CVE-2020-25986
A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows malicious users to change the password of a user.
Monocms Monocms 1.0
7.5
CVSSv3
CVE-2020-25987
MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the hash.
Monocms Monocms 1.0
NA
CVE-2006-4082
Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges.
Barracuda Networks Barracuda Spam Firewall 3.3.03.053
8.8
CVSSv3
CVE-2019-7225
The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These...
Abb Cp620 Firmware
Abb Cp620-web Firmware
Abb Cp630 Firmware
Abb Cp630-web Firmware
Abb Cp635 Firmware
Abb Cp635-b Firmware
Abb Cp635-web Firmware
Abb Pb610 Firmware
Abb Cp651-web Firmware
Abb Cp661 Firmware
Abb Cp661-web Firmware
Abb Cp665 Firmware
Abb Cp665-web Firmware
Abb Cp676 Firmware
Abb Cp676-web Firmware
Abb Cp651 Firmware
8.1
CVSSv3
CVE-2018-15752
An issue exists in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. Cleartext Transmission of Sensitive Information allows man-in-the-middle malicious users to eavesdrop authentication information between the application and the server.
Mensamax Mensamax 4.3
7.5
CVSSv3
CVE-2018-15753
An issue exists in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password.
Mensamax Mensamax 4.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »