VYPR

CWE-306

Missing Authentication for Critical Function

Abstraction: Base
Status: Draft
Likelihood of exploit: High

Description

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
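The weakness in code, as an added example that is not part of the CWE entry or of any product listed on this page: a tiny request dispatcher exposes a harmless status endpoint and a file-deletion endpoint. The vulnerable dispatcher routes every request straight to its handler without establishing who the caller is, so the critical function runs for anyone who can reach the port. The hardened dispatcher authenticates first, denies by default, and lets only an explicit allowlist of public paths through anonymously. The session table, file store, route names and sample requests are constructed for illustration.

```python
"""Added example (not code from the CWE entry or any listed vendor).
Session table, file store, routes and requests are constructed."""
import hmac
from dataclasses import dataclass, field
from urllib.parse import parse_qs, urlsplit

# Constructed session table (bearer token -> user). A real service would
# consult a server-side session store or verify a signed token instead.
SESSIONS = {"tok-alice-7f3a": "alice"}


@dataclass
class Request:
    method: str
    url: str                       # path plus optional query string
    headers: dict = field(default_factory=dict)

    @property
    def path(self):
        return urlsplit(self.url).path

    @property
    def query(self):
        return {k: v[0] for k, v in parse_qs(urlsplit(self.url).query).items()}


def new_store():
    """Constructed server-side state that the critical function operates on."""
    return {"config.ini": b"[db]\npassword=hunter2\n", "backup.tar": b"\x00" * 16}


# Two endpoints: one is harmless to expose, the other is a critical function.
def status(store, req, user):
    return 200, f"ok, {len(store)} files"


def delete_file(store, req, user):
    name = req.query.get("name")
    if name not in store:
        return 404, "no such file"
    del store[name]
    return 200, f"deleted {name}"


ROUTES = {"/api/status": status, "/api/files/delete": delete_file}


# --- Vulnerable (CWE-306): straight to the handler, never asks who is calling.
def vuln_dispatch(store, req):
    handler = ROUTES.get(req.path)
    if handler is None:
        return 404, "not found"
    return handler(store, req, user=None)   # delete_file runs for anyone


# --- Hardened: authenticate first, deny by default, allowlist the public paths.
PUBLIC_PATHS = frozenset({"/api/status"})


def authenticate(req):
    """Return the user bound to a valid bearer token, else None."""
    scheme, _, token = req.headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        return None
    for stored, user in SESSIONS.items():
        if hmac.compare_digest(stored.encode(), token.encode()):
            return user
    return None


def safe_dispatch(store, req):
    user = authenticate(req)
    if user is None and req.path not in PUBLIC_PATHS:
        # Fail closed before route lookup: an unknown path and a forgotten
        # check both end in 401, and unauthenticated callers cannot enumerate routes.
        return 401, "authentication required"
    handler = ROUTES.get(req.path)
    if handler is None:
        return 404, "not found"
    return handler(store, req, user)


if __name__ == "__main__":
    anon = Request("POST", "/api/files/delete?name=backup.tar")
    print(vuln_dispatch(new_store(), anon))   # (200, 'deleted backup.tar')
    print(safe_dispatch(new_store(), anon))   # (401, 'authentication required')
    alice = Request("POST", "/api/files/delete?name=backup.tar",
                    {"Authorization": "Bearer tok-alice-7f3a"})
    print(safe_dispatch(new_store(), alice))  # (200, 'deleted backup.tar')
```

The point of the hardened version is the ordering and the default: the identity check happens once, centrally, before any handler is reached, and a path is anonymous only because it was deliberately put on `PUBLIC_PATHS`. Adding a new critical endpoint to `ROUTES` cannot silently ship it unauthenticated, which is how most of the entries below came about.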

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62

CVEs mapped to this weakness (964)

page 22 of 49
  • CVE-2025-25060 · High · Apr 2, 2025
    risk 0.53 · cvss 8.2 · epss 0.00

    Missing authentication for critical function vulnerability exists in AssetView and AssetView CLOUD. If exploited, the files on the server where the product is running may be obtained and/or deleted by a remote unauthenticated attacker.

  • CVE-2024-10776 · High · Dec 6, 2024
    risk 0.53 · cvss 8.2 · epss 0.00

    Lua apps can be deployed, removed, started, reloaded or stopped without authorization via AppManager. This allows an attacker to remove legitimate apps creating a DoS attack, read and write files or load apps that use all features of the product available to a customer.

  • CVE-2024-41967 · High · Nov 18, 2024
    risk 0.53 · cvss 8.1 · epss 0.00

    A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack.

  • CVE-2023-2781 · High · Jun 3, 2023
    risk 0.53 · cvss 8.1 · epss 0.01

    The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticate_user_by_email in versions up to, and including, 3.5.0. This is due to a random token generation weakness in the resend_verification_email function. This…

  • CVE-2022-0993 · High · Apr 19, 2022
    risk 0.53 · cvss 8.1 · epss 0.07

    The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. This affects…

  • CVE-2019-6820 · High · May 22, 2019
    risk 0.53 · cvss 8.2 · epss 0.01

    A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200,…

  • CVE-2017-3217 · High · Jul 24, 2018
    risk 0.53 · cvss 8.1 · epss 0.02

    CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the…

  • CVE-2017-3209 · High · Jul 24, 2018
    risk 0.53 · cvss 8.1 · epss 0.01

    The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and…

  • CVE-2017-12720 · High · Feb 15, 2018
    risk 0.53 · cvss 8.1 · epss 0.02

    An Improper Access Control issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump does not require authentication if the pump is configured to allow FTP connections.

  • CVE-2026-55884 · Critical · Jun 19, 2026
    risk 0.52 · cvss n/a · epss n/a

    Summary: The Tilt HUD HTTP server exposes state-changing and sensitive-read endpoints with no authentication. When the HUD is bound to a non-loopback address, a network attacker can trigger the developer's pre-defined Tiltfile resources, tamper with Tiltfile arguments, read…

  • CVE-2026-55450 · Critical · Jun 17, 2026
    risk 0.52 · cvss n/a · epss 0.00

    Summary: Unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the server. In addition, in the response, the absolute path of the…

  • CVE-2026-49980 · Critical · Jun 16, 2026
    risk 0.52 · cvss n/a · epss 0.01

    Summary: `rclone rcd --rc-serve` accepts unauthenticated `GET` and `HEAD` requests to paths of the form `/[remote:path]/object`. The `remote` value is parsed from the URL and passed to normal backend initialization. Inline remote configuration can set backend…

  • CVE-2026-53469 · Critical · Jun 10, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    A flaw was found in migration-planner. An authenticated user can exploit this vulnerability by sending a DELETE request to the /api/v1/sources route, which lacks proper authorization and filtering. This allows for the destruction of all customer data, including sources, agents,…

  • CVE-2026-47391 · Critical · May 29, 2026
    risk 0.52 · cvss n/a · epss 0.00

    Summary: The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A server without configuring `auth_token`. 2. The same example binds the server to `0.0.0.0`. 3. The example registers a…

  • CVE-2026-47393 · Critical · May 29, 2026
    risk 0.52 · cvss n/a · epss 0.00

    Summary: CVE-2026-44338 (GHSA-6rmh-7xcm-cpxj) documents that PraisonAI ships a code-generator (`praisonai.deploy.api.generate_api_server_code`) that emits a Flask API server with authentication disabled by default. Users who follow the documented quickstart (`praisonai…

  • CVE-2026-47396 · Critical · May 29, 2026
    risk 0.52 · cvss n/a · epss 0.00

    Summary: PraisonAI's call server exposes a network-facing agent control API without authentication when `CALL_SERVER_TOKEN` is not configured. The affected component is the `praisonai.api.agent_invoke` router as mounted by `praisonai.api.call`. The authentication helper…

  • CVE-2026-46339 · Critical · May 19, 2026
    risk 0.52 · cvss n/a · epss 0.00

    Summary: 9router exposes two unauthenticated API endpoints that, when chained together, allow any network-adjacent attacker to execute arbitrary OS commands as the user running the 9router process, with zero prerequisites and no credentials required. The…

  • CVE-2026-45695 · Critical · May 19, 2026
    risk 0.52 · cvss n/a · epss 0.00

    Summary: Kopia's HTTP server, when started with `--without-password`, accepts unauthenticated requests to `/api/v1/repo/exists`. The handler forwards an attacker-supplied storage configuration to `blob.NewStorage`. For SFTP backends with `externalSSH: true`, that path…

  • CVE-2026-0204 · High · Apr 29, 2026
    risk 0.52 · cvss 8.0 · epss 0.00

    A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions.

  • CVE-2026-41473 · Critical · Apr 24, 2026
    risk 0.52 · cvss 9.1 · epss 0.01

    CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and…
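Several of the entries above (Tilt, the PraisonAI A2A and call servers, Kopia, rclone) share one deployment shape: a control API that is acceptable on loopback becomes CWE-306 the moment it is bound to a routable address with no credential configured. The following is an added example, not code from any of those projects, of a startup guard that makes that combination fail closed. `validate_listen`, `is_loopback_bind`, `acknowledge_unauthenticated`, `MIN_TOKEN_LEN` and the sample configurations are constructed for this illustration; the explicit opt-in flag stands in for the kind of `--without-password` style switch the Kopia entry mentions.

```python
"""Added example, not code from Tilt, PraisonAI, Kopia, rclone or any other
product on this page. Names, flags and sample configurations are constructed."""
import ipaddress
import secrets
from typing import Optional, Tuple

MIN_TOKEN_LEN = 16  # assumption: reject obviously weak shared secrets


def is_loopback_bind(host: str) -> bool:
    """True only if the address is reachable from this host alone."""
    if host in ("", "0.0.0.0", "::"):          # wildcard: every interface
        return False
    if host == "localhost":                     # name, not address; treated as loopback
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:                          # any other hostname: cannot tell, fail closed
        return False


def validate_listen(host: str, auth_token: Optional[str],
                    acknowledge_unauthenticated: bool = False) -> Tuple[bool, str]:
    """Decide whether a control API may start. Returns (ok, reason).

    Unauthenticated + loopback: allowed. Unauthenticated + routable address:
    refused unless the operator explicitly opted in. Token present: checked
    for minimum length so an empty or placeholder value does not pass as auth.
    """
    if auth_token:
        if len(auth_token) < MIN_TOKEN_LEN:
            return False, "auth token shorter than %d characters" % MIN_TOKEN_LEN
        return True, "authenticated on %s" % host
    if is_loopback_bind(host):
        return True, "unauthenticated, but reachable only from loopback"
    if acknowledge_unauthenticated:
        # Opt-in only: the exposure is allowed because the operator said so,
        # not because it is the default.
        return True, "unauthenticated on %s, explicitly acknowledged" % host
    return False, ("refusing to bind %s without an auth token; "
                   "set one or bind to 127.0.0.1" % host)


def new_auth_token() -> str:
    """Generate a credential that satisfies the token check above."""
    return secrets.token_urlsafe(32)


if __name__ == "__main__":
    # Constructed deployment configurations, one per branch of the check.
    for host, token, ack in [("127.0.0.1", None, False),
                             ("0.0.0.0", None, False),
                             ("0.0.0.0", None, True),
                             ("0.0.0.0", "changeme", False),
                             ("0.0.0.0", new_auth_token(), False)]:
        print(host, token, ack, "->", validate_listen(host, token, ack))
```

The guard belongs at process start, before the listening socket is opened, so that a misconfigured container or quickstart script exits with a clear message rather than quietly serving an unauthenticated control plane on every interface.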