VYPR

CWE-306

Missing Authentication for Critical Function

Abstraction: Base · Status: Draft · Likelihood: High

Description

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62

CVEs mapped to this weakness (964)

page 14 of 49
  • CVE-2025-30040 · Critical · Aug 27, 2025
    risk 0.59 · cvss n/a · epss 0.00

    The vulnerability allows unauthenticated users to download a file containing session ID data by directly accessing the "/cgi-bin/CliniNET.prd/utils/userlogxls.pl" endpoint.

  • CVE-2025-30039 · Critical · Aug 27, 2025
    risk 0.59 · cvss n/a · epss 0.00

    Unauthenticated access to the "/cgi-bin/CliniNET.prd/GetActiveSessions.pl" endpoint allows takeover of any user session logged into the system, including users with admin privileges.

  • CVE-2024-45438 · Critical · Aug 21, 2025
    risk 0.59 · cvss 9.1 · epss 0.01

    An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.php within the SpamTitan interface allows unauthenticated users to trigger account-level actions using a crafted GET request. Notably, when a…

  • CVE-2025-43983 · Critical · Aug 14, 2025
    risk 0.59 · cvss 9.1 · epss 0.00

    KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices have multiple unauthenticated access control vulnerabilities within goform/goform_set_cmd_process and goform/goform_get_cmd_process. These allow an unauthenticated attacker to retrieve sensitive information (including the device admin…

  • CVE-2024-55585 · Critical · Jun 7, 2025
    risk 0.59 · cvss n/a · epss 0.00

    In the moPS App through 1.8.618, all users can access administrative API endpoints without additional authentication, resulting in unrestricted read and write access, as demonstrated by /api/v1/users/resetpassword.

  • CVE-2025-4557 · Critical · May 12, 2025
    risk 0.59 · cvss 9.1 · epss 0.00

    The specific APIs of Parking Management System from ZONG YU has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access specific APIs and operate system functions. These functions include opening gates and restarting the system.

  • CVE-2024-23943 · Critical · Mar 18, 2025
    risk 0.59 · cvss 9.1 · epss 0.01

    An unauthenticated remote attacker can gain access to the cloud API due to a lack of authentication for a critical function in the affected devices. Availability is not affected.

  • CVE-2024-50488 · High · Oct 28, 2024
    risk 0.59 · cvss 8.8 · epss 0.01

    Authentication Bypass Using an Alternate Path or Channel vulnerability in yespbs Token Login token-login allows Authentication Bypass. This issue affects Token Login: from n/a through <= 1.0.3.

  • CVE-2024-26519 · Critical · Oct 22, 2024
    risk 0.59 · cvss 9.0 · epss 0.00

    An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the /www/cgi-bin/nas.cgi component.

  • CVE-2024-35293 · Critical · Oct 2, 2024
    risk 0.59 · cvss 9.1 · epss 0.01

    An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS.

  • CVE-2024-32752 · Critical · Jun 6, 2024
    risk 0.59 · cvss 9.1 · epss 0.01

    The iSTAR door controllers running firmware prior to version 6.6.B do not support authenticated communications with ICU, which may allow an attacker to gain unauthorized access.

  • CVE-2020-27285 · Critical · Jan 6, 2021
    risk 0.59 · cvss 9.1 · epss 0.01

    The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database without authentication.

  • CVE-2017-4919 · Critical · Jul 28, 2017
    risk 0.59 · cvss 9.0 · epss 0.02

    VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.

  • CVE-2026-45087 · Critical · May 27, 2026
    risk 0.58 · cvss 10.0 · epss 0.01

    Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is started in REST API server mode (dalfox server), the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key.…

  • CVE-2026-44329 · Critical · May 27, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization…

  • CVE-2026-44327 · Critical · May 27, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route with no Authorization header at…

  • CVE-2026-39858 · Critical · Apr 30, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippet-based authentication middleware. Traefik's forwarded-header sanitization logic…

  • CVE-2026-4370 · Critical · Apr 1, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    A vulnerability was identified in Juju from version 3.2.0 until 3.6.19 and from version 4.0 until 4.0.4, where the internal Dqlite database cluster fails to perform proper TLS client and server authentication. Specifically, the Juju controller's database endpoint does not…

  • CVE-2026-34162 · Critical · Mar 31, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint (/api/core/app/httpTools/runTool) is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP…

  • CVE-2026-33032 · Critical · Mar 30, 2026
    risk 0.58 · cvss 9.8 · epss 0.38

    Nginx UI is a web user interface for the Nginx web server. In versions 2.3.5 and prior, the nginx-ui MCP (Model Context Protocol) integration exposes two HTTP endpoints: /mcp and /mcp_message. While /mcp requires both IP whitelisting and authentication (AuthRequired()…