Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-1723
A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote malicious user to access an affected device by using an account that has a default, static password. This account does not have administrator privileges. The vulnerabilit...
Cisco Common Services Platform Collector
6.5
CVSSv3
CVE-2020-28330
Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admin password for the main web us...
Barco Wepresent Wipg-1600w Firmware 2.5.1.8
8
CVSSv3
CVE-2016-1489
Lenovo SHAREit prior to 3.2.0 for Windows and SHAREit prior to 3.5.48_ww for Android transfer files in cleartext, which allows remote malicious users to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vector...
Lenovo Shareit
1 Article
4.1
CVSSv3
CVE-2016-1490
The Wifi hotspot in Lenovo SHAREit prior to 3.2.0 for Windows allows remote malicious users to obtain sensitive file names via a crafted file request to /list.
Lenovo Shareit
1 Article
8.8
CVSSv3
CVE-2016-1491
The Wifi hotspot in Lenovo SHAREit prior to 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote malicious users to obtain access by leveraging a position within the WLAN coverage area.
Lenovo Shareit
1 Article
6.2
CVSSv3
CVE-2019-3422
The Sec Consult Security Lab reported an information disclosure vulnerability in MF910S product to ZTE PSIRT in October 2019. Through the analysis of related product team, the information disclosure vulnerability is confirmed. The MF910S product's one-click upgrade tool can ...
Zte Mf910s Firmware -
9.1
CVSSv3
CVE-2019-15304
Lierda Grill Temperature Monitor V1.00_50006 has a default password of admin for the admin account, which allows an malicious user to cause a Denial of Service or Information Disclosure via the undocumented access-point configuration page located on the device. This wifi thermome...
Progradegrill Wifi Grilling Thermometer Firmware 1.00 50006
6.1
CVSSv3
CVE-2016-1492
The Wifi hotspot in Lenovo SHAREit prior to 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote malicious users to obtain access by leveraging a position within the WLAN coverage area.
Lenovo Shareit 3.0.18 Ww
1 Article
9.8
CVSSv3
CVE-2017-12930
SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password.
Tecnovision Dlx Spot Player4 -
2 EDB exploits
1 Github repository
9.8
CVSSv3
CVE-2015-6323
The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote malicious users to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253.
Cisco Identity Services Engine Software 1.1.4
Cisco Identity Services Engine Software 1.1.3
Cisco Identity Services Engine Software 1.1.2
Cisco Identity Services Engine Software 1.1.1
Cisco Identity Services Engine Software 1.3\\(106.146\\)
Cisco Identity Services Engine Software 1.3\\(0.722\\)
Cisco Identity Services Engine Software 1.2.1
Cisco Identity Services Engine Software 1.2\\(0.793\\)
Cisco Identity Services Engine Software 1.3\\(120.135\\)
Cisco Identity Services Engine Software 1.2\\(0.747\\)
Cisco Identity Services Engine Software 1.2\\(1.198\\)
Cisco Identity Services Engine Software 1.4\\(0.109\\)
Cisco Identity Services Engine Software 1.3\\(0.876\\)
Cisco Identity Services Engine Software 1.2.0.899
Cisco Identity Services Engine Software 1.2 Base
Cisco Identity Services Engine Software 1.1 Base
Cisco Identity Services Engine Software 1.4\\(0.253\\)
Cisco Identity Services Engine Software 1.2\\(1.901\\)
Cisco Identity Services Engine Software 1.4\\(0.181\\)
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »