VYPR

CWE-306

Missing Authentication for Critical Function

BaseDraftLikelihood: High

Description

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62

CVEs mapped to this weakness (964)

page 1 of 49
  • CVE-2026-41940CriKEVApr 29, 2026
    risk 0.92cvss 9.8epss 0.98

    cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

  • CVE-2017-10271HigKEVOct 19, 2017
    risk 0.78cvss 7.5epss 1.00

    Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2010-5326CriKEVMay 13, 2016
    risk 0.78cvss 10.0epss 0.17

    The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a "Detour"…

  • CVE-2026-33017CriKEVMar 20, 2026
    risk 0.77cvss 9.8epss 0.98

    Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the…

  • CVE-2026-20253CriKEVJun 10, 2026
    risk 0.76cvss 9.8epss 0.88

    In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks…

  • CVE-2026-39987CriKEVApr 9, 2026
    risk 0.76cvss 9.8epss 0.96

    marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands.…

  • CVE-2011-10013CriAug 13, 2025
    risk 0.74cvss epss 0.01

    Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be…

  • CVE-2025-34077CriJul 9, 2025
    risk 0.74cvss epss 0.10

    An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the…

  • CVE-2016-2004CriApr 21, 2016
    risk 0.74cvss 9.8epss 0.94

    HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.

  • CVE-2025-34112CriJul 15, 2025
    risk 0.73cvss epss 0.02

    An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral NetProfiler and NetExpress 10.8.7 virtual appliances. A SQL injection vulnerability in the '/api/common/1.0/login' endpoint can be exploited to create a new user account in the…

  • CVE-2025-34073CriJul 2, 2025
    risk 0.73cvss epss 0.04

    An unauthenticated command injection vulnerability exists in stamparm/maltrail (Maltrail) versions <=0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of…

  • CVE-2024-50477CriOct 28, 2024
    risk 0.73cvss 9.8epss 0.08

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.

  • CVE-2026-32985CriMar 20, 2026
    risk 0.72cvss 9.8epss 0.01

    Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality that allows remote attackers to execute arbitrary code by uploading a crafted ZIP archive containing malicious PHP payloads.…

  • CVE-2014-125124CriJul 31, 2025
    risk 0.72cvss epss 0.02

    An unauthenticated remote command execution vulnerability exists in Pandora FMS versions up to and including 5.0RC1 via the Anyterm web interface, which listens on TCP port 8023. The anyterm-module endpoint accepts unsanitized user input via the p parameter and directly injects…

  • CVE-2014-125113CriAug 5, 2025
    risk 0.70cvss epss 0.01

    An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance version 5.0 - 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 in the download_agent.php endpoint. An attacker can upload arbitrary PHP files to a temporary…

  • CVE-2025-34121CriJul 16, 2025
    risk 0.70cvss epss 0.02

    An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The `wizards/post2file.php` script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful…

  • CVE-2025-34104CriJul 15, 2025
    risk 0.70cvss epss 0.01

    An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior to 3.0.3 via the plugin upload mechanism. In vulnerable versions, an authenticated user with Superuser privileges can upload and activate a malicious plugin (ZIP archive), leading to…

  • CVE-2025-34100CriJul 10, 2025
    risk 0.70cvss epss 0.02

    An unrestricted file upload vulnerability exists in BuilderEngine 3.5.0 via the integration of the elFinder 2.0 file manager and its use of the jQuery File Upload plugin. The plugin fails to properly validate or restrict file types or locations during upload operations, allowing…

  • CVE-2018-0127CriFeb 8, 2018
    risk 0.70cvss 9.8epss 0.78

    A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device, which could lead to the disclosure of…

  • CVE-2014-125126CriJul 31, 2025
    risk 0.69cvss epss 0.02

    An unrestricted file upload vulnerability exists in Simple E-Document versions 3.0 to 3.1 that allows an unauthenticated attacker to bypass authentication by sending a specific cookie header (access=3) with HTTP requests. The application’s upload mechanism fails to restrict…