Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardcoded vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2017-11693
MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and ...
Medhost Medhost Document Management System -
9.8
CVSSv3
CVE-2017-11614
MEDHOST Connex contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and financial informatio...
Medhost Connex -
9.1
CVSSv3
CVE-2017-11694
MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with Apache Solr may be able to obtain or modify sensitive patient and financi...
Medhost Medhost Document Management System -
NA
CVE-2015-0930
The web interface on SerVision HVG Video Gateway devices with firmware prior to 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote malicious users to obtain access via an HTTP session.
Servision Hvg Video Gateway Firmware
NA
CVE-2015-0929
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware prior to 2.2.26a78 allows remote malicious users to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response.
Servision Hvg Video Gateway Firmware
9.8
CVSSv3
CVE-2017-11743
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability to communicate directly with the Mirth Connect management console may be able to ...
Medhost Connex -
7.5
CVSSv3
CVE-2023-22956
An issue exists on AudioCodes VoIP desk phones up to and including 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information.
Audiocodes C470hd Firmware
Audiocodes C455hd Firmware
Audiocodes C435hd Firmware
Audiocodes 445hd Firmware
Audiocodes 405hd Firmware
Audiocodes C450hd Firmware
7.5
CVSSv3
CVE-2023-22957
An issue exists in libac_des3.so on AudioCodes VoIP desk phones up to and including 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., t...
Audiocodes C470hd Firmware
Audiocodes C455hd Firmware
Audiocodes C435hd Firmware
Audiocodes 445hd Firmware
Audiocodes 405hd Firmware
Audiocodes C450hd Firmware
NA
CVE-2020-283292
Barco wePresent device firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Versions affected include 2.5.1.8, 2.5.0.25...
9.8
CVSSv3
CVE-2018-20432
D-Link COVR-2600R and COVR-3902 Kit prior to 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated malicious users to gain privileged access to the router, and to extract sensitive data or modify the configuration.
Dlink Covr-2600r Firmware
Dlink Covr-3902 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »