Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2017-11693
MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and ...
Medhost Medhost Document Management System -
7.5
CVSSv3
CVE-2017-6054
A Use of Hard-Coded Cryptographic Key issue exists in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user information.
Hyundaiusa Blue Link 3.9.4
Hyundaiusa Blue Link 3.9.5
7.8
CVSSv3
CVE-2021-27452
The software contains a hard-coded password that could allow an malicious user to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
5.3
CVSSv3
CVE-2017-6039
A Use of Hard-Coded Password issue exists in Phoenix Broadband PowerAgent SC3 BMS, all versions prior to v6.87. Use of a hard-coded password may allow unauthorized access to the device.
Phoenixbroadband Poweragent Sc3 Bms Firmware
7.2
CVSSv3
CVE-2022-47617
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system files using the hard-coded keys for file access, modification, and cause service disruption.
Hitrontech Coda-5310 Firmware -
9.1
CVSSv3
CVE-2021-36312
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system.
Dell Cloudlink
7.8
CVSSv3
CVE-2022-34462
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges.
Dell Emc Secure Connect Gateway Policy Manager
7.8
CVSSv3
CVE-2023-22429
Android App 'Wolt Delivery: Food and more' version 4.27.2 and previous versions uses hard-coded credentials (API key for an external service), which may allow a local malicious user to obtain the hard-coded API key via reverse-engineering the application binary.
Wolt Wolt Delivery
9.8
CVSSv3
CVE-2023-23770
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.
Motorola Mbts Site Controller Firmware R05.32.58
8.4
CVSSv3
CVE-2023-23771
Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.
Motorola Mbts Base Radio Firmware R05.x2.57
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »