Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2020-6760
Schmid ZI 620 V400 VPN 090 routers allow an malicious user to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping.
Schmid-telecom Zi 620 V400 Firmware 090
890
VMScore
CVE-2019-15497
Black Box iCOMPEL 9.2.3 up to and including 11.1.4, as used in ONELAN Net-Top-Box 9.2.3 up to and including 11.1.4 and other products, has default credentials that allow remote malicious users to access devices remotely via SSH, HTTP, HTTPS, and FTP.
Blackbox Icompel Firmware
Onelan Net-top-box Firmware
890
VMScore
CVE-2017-6900
An issue exists in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to prevent the potential for Bash command injection. Furt...
Riello-ups Netman 204 Firmware 15-2
Riello-ups Netman 204 Firmware 14-2
890
VMScore
CVE-2019-7261
Linear eMerge E3-Series devices have Hard-coded Credentials.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
890
VMScore
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
890
VMScore
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
890
VMScore
CVE-2019-12776
An issue exists on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They include a hard-coded SSH backdoor for remote SSH and SCP access as the root user. A command in the relocate and relocate_revB scripts copies the hardc...
Enttec Datagate Mk2 Firmware 70044
Enttec Storm 24 Firmware 70044
Enttec Pixelator Firmware 70044
Enttec E-streamer Mk2 Firmware 70044
890
VMScore
CVE-2019-1804
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote malicious user to connect to the affected system with the privileges of the root user. The vulnerability ...
Cisco Nexus 9332pq Firmware 14.0\\(3d\\)
Cisco Nexus 93180yc-ex Firmware 14.0\\(3d\\)
Cisco Nexus 93128tx Firmware 14.0\\(3d\\)
Cisco Nexus 93120tx Firmware 14.0\\(3d\\)
Cisco Nexus 93108tc-ex Firmware 14.0\\(3d\\)
Cisco Nexus 9516 Firmware 14.0\\(3d\\)
Cisco Nexus 9508 Firmware 14.0\\(3d\\)
Cisco Nexus 9504 Firmware 14.0\\(3d\\)
Cisco Nexus 9500 Firmware 14.0\\(3d\\)
Cisco Nexus 9396tx Firmware 14.0\\(3d\\)
Cisco Nexus 9396px Firmware 14.0\\(3d\\)
Cisco Nexus 9372tx Firmware 14.0\\(3d\\)
Cisco Nexus 9372px Firmware 14.0\\(3d\\)
1 Article
890
VMScore
CVE-2019-9160
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and previous versions has a backdoor account allowing a remote malicious user to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated...
Xinruidz Sundray Wan Controller Firmware
890
VMScore
CVE-2018-17565
Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows malicious users to execute arbitrary system commands and gain a root shell.
Grandstream Gxp1610 Firmware 1.0.4.128
Grandstream Gxp1615 Firmware 1.0.4.128
Grandstream Gxp1620 Firmware 1.0.4.128
Grandstream Gxp1625 Firmware 1.0.4.128
Grandstream Gxp1628 Firmware 1.0.4.128
Grandstream Gxp1630 Firmware 1.0.4.128
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »