VYPR

CWE-306

Missing Authentication for Critical Function

Abstraction: Base · Status: Draft · Likelihood of exploit: High

Description

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62

CVEs mapped to this weakness (964)

page 3 of 49
  • CVE-2026-0545 · Critical · Apr 3, 2026
    risk 0.65 · CVSS 9.8 · EPSS 0.04

    In mlflow/mlflow, the FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization when the `basic-auth` app is enabled. This vulnerability affects the latest version of the repository. If job execution is enabled…

  • CVE-2026-3611 · Critical · Mar 12, 2026
    risk 0.65 · CVSS 10.0 · EPSS 0.06

    The Honeywell IQ4x building management controller exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System Guest (level 100) context,…

  • CVE-2026-23693 · Critical · Feb 23, 2026
    risk 0.65 · CVSS 10.0 · EPSS 0.00

    ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor (elementskit-lite) WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied…

  • CVE-2026-2577 · Critical · Feb 16, 2026
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces (0.0.0.0) on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the…

  • CVE-2026-1633 · Critical · Feb 4, 2026
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web management interface without requiring authentication, allowing unauthenticated users to modify critical device settings or factory reset the device.

  • CVE-2025-12548 · Critical · Jan 13, 2026
    risk 0.65 · CVSS 9.0 · EPSS 0.01

    A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API…

  • CVE-2025-69425 · Critical · Jan 9, 2026
    risk 0.65 · CVSS n/a · EPSS 0.01

    The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) expose a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcoded Time-based One-Time Password (TOTP) secret and an embedded static…

  • CVE-2025-58083 · Critical · Nov 15, 2025
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded web server which could allow an attacker to remotely reset the device.

  • CVE-2025-55108 · Critical · Nov 5, 2025
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    The Control-M/Agent is vulnerable to unauthenticated remote code execution, arbitrary file read and write and similar unauthorized actions when mutual SSL/TLS authentication is not enabled (i.e. in the default configuration). NOTE: * The vendor believes that this…

  • CVE-2025-9574 · Critical · Oct 20, 2025
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP. This issue affects: all firmware versions with the Serial Number from 2000 to 5166.

  • CVE-2025-34120 · High · Jul 16, 2025
    risk 0.65 · CVSS n/a · EPSS 0.01

    An unauthenticated file download vulnerability exists in LimeSurvey versions from 2.0+ up to and including 2.06+ Build 151014. The application fails to validate serialized input to the admin backup endpoint (`index.php/admin/update/sa/backup`), allowing attackers to specify…

  • CVE-2025-34115 · High · Jul 15, 2025
    risk 0.65 · CVSS n/a · EPSS 0.02

    An authenticated command injection vulnerability exists in OP5 Monitor through version 7.1.9 via the 'cmd_str' parameter in the command_test.php endpoint. A user with access to the web interface can exploit the 'Test this command' feature to execute arbitrary shell commands as…

  • CVE-2025-34113 · High · Jul 15, 2025
    risk 0.65 · CVSS n/a · EPSS 0.02

    An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4 LTS, ≤9.10 LTS, and ≤6.14 via the `viewmode` GET parameter in `tiki-calendar.php`. When the calendar module is enabled and an authenticated user has permission to access it, an…

  • CVE-2025-41656 · Critical · Jul 1, 2025
    risk 0.65 · CVSS 10.0 · EPSS 0.10

    An unauthenticated remote attacker can run arbitrary commands on the affected devices with high privileges because the authentication for the Node_RED server is not configured by default.

  • CVE-2025-34039 · Critical · Jun 24, 2025
    risk 0.65 · CVSS n/a · EPSS 0.01

    A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the…

  • CVE-2025-36535 · Critical · May 21, 2025
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the environment and exposed functionality.

  • CVE-2024-48966 · Critical · Nov 14, 2024
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    The software tools used by service personnel to test & calibrate the ventilator do not support user authentication. An attacker with access to the Service PC where the tools are installed could obtain diagnostic information through the test tool or manipulate the ventilator's…

  • CVE-2024-42017 · Critical · Sep 30, 2024
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is remotely accessible, it allows an attacker to execute arbitrary commands with system privilege on the endpoint…

  • CVE-2023-41918 · Critical · Jul 2, 2024
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs. Attackers may exploit this to execute commands without authentication, potentially leading to unauthorized data manipulation, access to privileged functions, or even the execution of arbitrary…

  • CVE-2018-5393 · Critical · Sep 28, 2018
    risk 0.65 · CVSS 9.8 · EPSS 0.13

    The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation (RMI) service for remote control. The RMI interface does not require any authentication before use, so it lacks user…