CWE-306
Missing Authentication for Critical Function
Description
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62
CVEs mapped to this weakness (964)
page 18 of 49| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-6916 | Hig | 0.57 | 8.8 | 0.01 | Jun 30, 2025 | A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015. This affects the function Form_Login of the file /formLoginAuth.htm. The manipulation of the argument authCode/goURL leads to missing authentication. The attack needs to be… | ||
| CVE-2025-49596 | Cri | 0.57 | — | 0.37 | Jun 13, 2025 | The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP… | ||
| CVE-2025-49652 | Cri | 0.57 | 9.8 | 0.00 | Jun 9, 2025 | Missing Authentication in the registration feature of Lablup's BackendAI allows arbitrary users to create user accounts that can access private data even when registration is disabled. | ||
| CVE-2025-3759 | — | Hig | 0.57 | — | 0.00 | May 8, 2025 | Endpoint /cgi-bin-igd/netcore_set.cgi which is used for changing device configuration is accessible without authentication. This poses a significant security threat allowing for e.g: administrator account hijacking or AP password changing. The vendor was contacted early about… | |
| CVE-2025-3758 | — | Hig | 0.57 | — | 0.00 | May 8, 2025 | WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor was contacted early about this disclosure but did not respond in any way. | |
| CVE-2024-50381 | Hig | 0.57 | — | 0.01 | Dec 2, 2024 | A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and send requests to claim and unclaim devices. The attacker only needs to provide the MAC address of the targeted device and can make a request to unclaim it from its original… | ||
| CVE-2024-52438 | Hig | 0.57 | 8.8 | 0.00 | Nov 20, 2024 | Missing Authentication for Critical Function vulnerability in deco.agency de:branding debranding allows Privilege Escalation.This issue affects de:branding: from n/a through <= 1.0.2. | ||
| CVE-2024-52437 | Hig | 0.57 | 8.8 | 0.00 | Nov 20, 2024 | Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System banner-system allows Privilege Escalation.This issue affects Banner System: from n/a through <= 1.0.0. | ||
| CVE-2024-41969 | Hig | 0.57 | 8.8 | 0.00 | Nov 18, 2024 | A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS. | ||
| CVE-2024-10284 | Cri | 0.57 | 9.8 | 0.00 | Nov 9, 2024 | The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.2.0. This is due to hardcoded encryption key in the 'ce21_authentication_phrase' function. This makes it possible for unauthenticated attackers to log in as any… | ||
| CVE-2024-49399 | — | Hig | 0.57 | — | 0.00 | Oct 17, 2024 | The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information. | |
| CVE-2023-22650 | Hig | 0.57 | 8.8 | 0.01 | Oct 16, 2024 | A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies to disabled or revoked users, Rancher will not reflect these modifications which… | ||
| CVE-2024-31218 | Cri | 0.57 | 9.8 | 0.01 | Apr 5, 2024 | Webhood is a self-hosted URL scanner used analyzing phishing and malicious sites. Webhood's backend container images in versions 0.9.0 and earlier are subject to Missing Authentication for Critical Function vulnerability. This vulnerability allows an unauthenticated attacker to… | ||
| CVE-2023-2834 | Cri | 0.57 | 9.8 | 0.02 | Jun 30, 2023 | The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated… | ||
| CVE-2020-36724 | Cri | 0.57 | 9.8 | 0.02 | Jun 7, 2023 | The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker… | ||
| CVE-2016-6541 | Hig | 0.57 | 8.8 | 0.01 | Jul 6, 2018 | TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in… | ||
| CVE-2018-4854 | Hig | 0.57 | 8.8 | 0.03 | Jul 3, 2018 | A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from… | ||
| CVE-2018-8016 | Cri | 0.57 | 9.8 | 0.02 | Jun 28, 2018 | The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was… | ||
| CVE-2018-11476 | Hig | 0.57 | 8.8 | 0.01 | May 30, 2018 | An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication. | ||
| CVE-2018-0554 | Hig | 0.57 | 8.8 | 0.01 | Apr 9, 2018 | Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors. |
- risk 0.57cvss 8.8epss 0.01
A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015. This affects the function Form_Login of the file /formLoginAuth.htm. The manipulation of the argument authCode/goURL leads to missing authentication. The attack needs to be…
- risk 0.57cvss —epss 0.37
The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP…
- risk 0.57cvss 9.8epss 0.00
Missing Authentication in the registration feature of Lablup's BackendAI allows arbitrary users to create user accounts that can access private data even when registration is disabled.
- risk 0.57cvss —epss 0.00
Endpoint /cgi-bin-igd/netcore_set.cgi which is used for changing device configuration is accessible without authentication. This poses a significant security threat allowing for e.g: administrator account hijacking or AP password changing. The vendor was contacted early about…
- risk 0.57cvss —epss 0.00
WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor was contacted early about this disclosure but did not respond in any way.
- risk 0.57cvss —epss 0.01
A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and send requests to claim and unclaim devices. The attacker only needs to provide the MAC address of the targeted device and can make a request to unclaim it from its original…
- risk 0.57cvss 8.8epss 0.00
Missing Authentication for Critical Function vulnerability in deco.agency de:branding debranding allows Privilege Escalation.This issue affects de:branding: from n/a through <= 1.0.2.
- risk 0.57cvss 8.8epss 0.00
Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System banner-system allows Privilege Escalation.This issue affects Banner System: from n/a through <= 1.0.0.
- risk 0.57cvss 8.8epss 0.00
A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS.
- risk 0.57cvss 9.8epss 0.00
The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.2.0. This is due to hardcoded encryption key in the 'ce21_authentication_phrase' function. This makes it possible for unauthenticated attackers to log in as any…
- risk 0.57cvss —epss 0.00
The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information.
- risk 0.57cvss 8.8epss 0.01
A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies to disabled or revoked users, Rancher will not reflect these modifications which…
- risk 0.57cvss 9.8epss 0.01
Webhood is a self-hosted URL scanner used analyzing phishing and malicious sites. Webhood's backend container images in versions 0.9.0 and earlier are subject to Missing Authentication for Critical Function vulnerability. This vulnerability allows an unauthenticated attacker to…
- risk 0.57cvss 9.8epss 0.02
The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated…
- risk 0.57cvss 9.8epss 0.02
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker…
- risk 0.57cvss 8.8epss 0.01
TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in…
- risk 0.57cvss 8.8epss 0.03
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from…
- risk 0.57cvss 9.8epss 0.02
The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was…
- risk 0.57cvss 8.8epss 0.01
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication.
- risk 0.57cvss 8.8epss 0.01
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.