Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2021-22707
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that c...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
383
VMScore
CVE-2016-1489
Lenovo SHAREit prior to 3.2.0 for Windows and SHAREit prior to 3.5.48_ww for Android transfer files in cleartext, which allows remote malicious users to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vector...
Lenovo Shareit
1 Article
240
VMScore
CVE-2016-1490
The Wifi hotspot in Lenovo SHAREit prior to 3.2.0 for Windows allows remote malicious users to obtain sensitive file names via a crafted file request to /list.
Lenovo Shareit
1 Article
481
VMScore
CVE-2016-1491
The Wifi hotspot in Lenovo SHAREit prior to 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote malicious users to obtain access by leveraging a position within the WLAN coverage area.
Lenovo Shareit
1 Article
258
VMScore
CVE-2016-1492
The Wifi hotspot in Lenovo SHAREit prior to 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote malicious users to obtain access by leveraging a position within the WLAN coverage area.
Lenovo Shareit 3.0.18 Ww
1 Article
570
VMScore
CVE-2019-15304
Lierda Grill Temperature Monitor V1.00_50006 has a default password of admin for the admin account, which allows an malicious user to cause a Denial of Service or Information Disclosure via the undocumented access-point configuration page located on the device. This wifi thermome...
Progradegrill Wifi Grilling Thermometer Firmware 1.00 50006
356
VMScore
CVE-2020-28330
Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admin password for the main web us...
Barco Wepresent Wipg-1600w Firmware 2.5.1.8
169
VMScore
CVE-2019-3422
The Sec Consult Security Lab reported an information disclosure vulnerability in MF910S product to ZTE PSIRT in October 2019. Through the analysis of related product team, the information disclosure vulnerability is confirmed. The MF910S product's one-click upgrade tool can ...
Zte Mf910s Firmware -
760
VMScore
CVE-2017-12930
SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password.
Tecnovision Dlx Spot Player4 -
2 EDB exploits
1 Github repository
660
VMScore
CVE-2017-12929
Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution.
Tecnovision Dlx Spot Player4 -
2 EDB exploits
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »