CWE-306
Missing Authentication for Critical Function
Description
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62
CVEs mapped to this weakness (964)
page 26 of 49| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-32646 | Hig | 0.49 | 7.5 | 0.00 | Apr 3, 2026 | A specific administrative endpoint is accessible without proper authentication, exposing device management functions. | ||
| CVE-2026-29132 | Hig | 0.49 | 7.5 | 0.00 | Apr 2, 2026 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's GINA account to bypass a second-password check and read protected emails. | ||
| CVE-2026-34472 | Hig | 0.49 | 7.1 | 0.09 | Mar 30, 2026 | Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator… | ||
| CVE-2026-4640 | Hig | 0.49 | 7.5 | 0.00 | Mar 24, 2026 | Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to execute certain functions to obtain sensitive information. | ||
| CVE-2026-32297 | Hig | 0.49 | 7.5 | 0.01 | Mar 17, 2026 | The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including configuration files or system binaries. Modified configuration files or system binaries could allow an attacker to take complete control of a vulnerable system. | ||
| CVE-2017-20222 | Hig | 0.49 | 7.5 | 0.01 | Mar 16, 2026 | Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to… | ||
| CVE-2017-20220 | Hig | 0.49 | 7.5 | 0.00 | Mar 16, 2026 | Serviio PRO 1.8 contains an improper access control vulnerability in the Configuration REST API that allows unauthenticated attackers to change the mediabrowser login password. Attackers can send specially crafted requests to the REST API endpoints to modify credentials without… | ||
| CVE-2017-20217 | Hig | 0.49 | 7.5 | 0.01 | Mar 16, 2026 | Serviio PRO 1.8 contains an information disclosure vulnerability due to improper access control enforcement in the Configuration REST API that allows unauthenticated attackers to access sensitive information. Remote attackers can send specially crafted requests to the REST API… | ||
| CVE-2026-2339 | Hig | 0.49 | 7.5 | 0.01 | Mar 10, 2026 | Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1. | ||
| CVE-2026-2754 | Hig | 0.49 | 7.5 | 0.01 | Mar 6, 2026 | Navtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints. An unauthenticated remote attacker with network access to the device can execute HTTP GET requests to TCP port 8080 to retrieve internal network parameters… | ||
| CVE-2026-27449 | — | Hig | 0.49 | 7.5 | 0.00 | Feb 26, 2026 | Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The affected endpoints can be accessed… | |
| CVE-2026-26048 | — | Hig | 0.49 | 7.5 | 0.00 | Feb 20, 2026 | The Wi-Fi router is vulnerable to de-authentication attacks due to the absence of management frame protection, allowing forged deauthentication and disassociation frames to be broadcast without authentication or encryption. An attacker can use this to cause unauthorized… | |
| CVE-2026-26055 | Hig | 0.49 | 7.5 | 0.00 | Feb 12, 2026 | Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller (ATC) component of Yoke. The ATC webhook endpoints lack proper authentication mechanisms, allowing any pod within the cluster… | ||
| CVE-2020-37157 | Hig | 0.49 | 7.5 | 0.00 | Feb 7, 2026 | DBPower C300 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive credentials through an unprotected configuration backup endpoint. Attackers can download the configuration file and extract hardcoded username and… | ||
| CVE-2020-37146 | Hig | 0.49 | 7.5 | 0.00 | Feb 7, 2026 | ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. Attackers can access the camera's configuration backup by sending a GET request to the /config_backup.bin endpoint,… | ||
| CVE-2022-50978 | — | Hig | 0.49 | 7.5 | 0.00 | Feb 2, 2026 | An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP). | |
| CVE-2022-50977 | — | Hig | 0.49 | 7.5 | 0.00 | Feb 2, 2026 | An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP. | |
| CVE-2020-36963 | Hig | 0.49 | 7.5 | 0.00 | Jan 28, 2026 | Intelbras Router RF 301K firmware version 1.1.2 contains an authentication bypass vulnerability that allows unauthenticated attackers to download router configuration files. Attackers can send a specific HTTP GET request to /cgi-bin/DownloadCfg/RouterCfm.cfg to retrieve… | ||
| CVE-2017-20213 | Hig | 0.49 | 7.5 | 0.00 | Jan 8, 2026 | FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across… | ||
| CVE-2020-36904 | Hig | 0.49 | 7.5 | 0.00 | Dec 31, 2025 | Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO_LIST_EXE_PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify… |
- risk 0.49cvss 7.5epss 0.00
A specific administrative endpoint is accessible without proper authentication, exposing device management functions.
- risk 0.49cvss 7.5epss 0.00
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's GINA account to bypass a second-password check and read protected emails.
- risk 0.49cvss 7.1epss 0.09
Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator…
- risk 0.49cvss 7.5epss 0.00
Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to execute certain functions to obtain sensitive information.
- risk 0.49cvss 7.5epss 0.01
The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including configuration files or system binaries. Modified configuration files or system binaries could allow an attacker to take complete control of a vulnerable system.
- risk 0.49cvss 7.5epss 0.01
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to…
- risk 0.49cvss 7.5epss 0.00
Serviio PRO 1.8 contains an improper access control vulnerability in the Configuration REST API that allows unauthenticated attackers to change the mediabrowser login password. Attackers can send specially crafted requests to the REST API endpoints to modify credentials without…
- risk 0.49cvss 7.5epss 0.01
Serviio PRO 1.8 contains an information disclosure vulnerability due to improper access control enforcement in the Configuration REST API that allows unauthenticated attackers to access sensitive information. Remote attackers can send specially crafted requests to the REST API…
- risk 0.49cvss 7.5epss 0.01
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1.
- risk 0.49cvss 7.5epss 0.01
Navtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints. An unauthenticated remote attacker with network access to the device can execute HTTP GET requests to TCP port 8080 to retrieve internal network parameters…
- risk 0.49cvss 7.5epss 0.00
Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The affected endpoints can be accessed…
- risk 0.49cvss 7.5epss 0.00
The Wi-Fi router is vulnerable to de-authentication attacks due to the absence of management frame protection, allowing forged deauthentication and disassociation frames to be broadcast without authentication or encryption. An attacker can use this to cause unauthorized…
- risk 0.49cvss 7.5epss 0.00
Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller (ATC) component of Yoke. The ATC webhook endpoints lack proper authentication mechanisms, allowing any pod within the cluster…
- risk 0.49cvss 7.5epss 0.00
DBPower C300 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive credentials through an unprotected configuration backup endpoint. Attackers can download the configuration file and extract hardcoded username and…
- risk 0.49cvss 7.5epss 0.00
ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. Attackers can access the camera's configuration backup by sending a GET request to the /config_backup.bin endpoint,…
- risk 0.49cvss 7.5epss 0.00
An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).
- risk 0.49cvss 7.5epss 0.00
An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.
- risk 0.49cvss 7.5epss 0.00
Intelbras Router RF 301K firmware version 1.1.2 contains an authentication bypass vulnerability that allows unauthenticated attackers to download router configuration files. Attackers can send a specific HTTP GET request to /cgi-bin/DownloadCfg/RouterCfm.cfg to retrieve…
- risk 0.49cvss 7.5epss 0.00
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across…
- risk 0.49cvss 7.5epss 0.00
Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO_LIST_EXE_PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify…