Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-8717
An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving attackers full control of affect...
Moxa Awk-3131a Firmware 1.1
9.8
CVSSv3
CVE-2023-34338
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
Ami Megarac Sp-x 12
Ami Megarac Sp-x 13
7.8
CVSSv3
CVE-2023-22429
Android App 'Wolt Delivery: Food and more' version 4.27.2 and previous versions uses hard-coded credentials (API key for an external service), which may allow a local malicious user to obtain the hard-coded API key via reverse-engineering the application binary.
Wolt Wolt Delivery
9.8
CVSSv3
CVE-2017-11614
MEDHOST Connex contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and financial informatio...
Medhost Connex -
7.3
CVSSv3
CVE-2022-26671
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service.
Secom Dr.id Access Control 3.3.2
Secom Dr.id Attendance System 3.4.0.0.3.11
7.2
CVSSv3
CVE-2020-2499
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow malicious users to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later.
Qnap Qes
Qnap Qes 2.1.1
7.5
CVSSv3
CVE-2021-24005
Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions prior to 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key.
Fortinet Fortiauthenticator
9.8
CVSSv3
CVE-2022-34441
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin p...
Dell Emc Secure Connect Gateway Policy Manager
5.5
CVSSv3
CVE-2024-23453
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local malicious user to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service.
Spooncast Spoon
9.8
CVSSv3
CVE-2022-34440
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin pr...
Dell Emc Secure Connect Gateway Policy Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
9
10
NEXT »