CWE-306
Missing Authentication for Critical Function
Description
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62
CVEs mapped to this weakness (964)
Page 6 of 49

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-8350 | | Cri | 0.64 | 9.8 | 0.01 | | Feb 19, 2026 | Execution After Redirect (EAR), Missing Authentication for Critical Function vulnerability in Inrove Software and Internet Services BiEticaret CMS allows Authentication Bypass, HTTP Response Splitting. This issue affects BiEticaret CMS: from 2.1.13 through 19022026. NOTE: The… |
| CVE-2026-1670 | — | Cri | 0.64 | 9.8 | 0.01 | | Feb 17, 2026 | The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address. |
| CVE-2026-1729 | | Cri | 0.64 | 9.8 | 0.01 | | Feb 12, 2026 | The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it… |
| CVE-2026-25084 | | Cri | 0.64 | 9.8 | 0.01 | | Feb 11, 2026 | Authentication for ZLAN5143D can be bypassed by directly accessing internal URLs. |
| CVE-2026-24789 | — | Cri | 0.64 | 9.8 | 0.01 | | Feb 11, 2026 | An unprotected API endpoint allows an attacker to remotely change the device password without providing authentication. |
| CVE-2026-2249 | | Cri | 0.64 | 9.8 | 0.01 | | Feb 11, 2026 | METIS DFS devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in… |
| CVE-2026-2248 | | Cri | 0.64 | 9.8 | 0.01 | | Feb 11, 2026 | METIS WIC devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root (UID 0) privileges. This results… |
| CVE-2025-8025 | | Cri | 0.64 | 9.8 | 0.01 | | Feb 11, 2026 | Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dinosoft ERP: from < 3.0.1 through 11022026. NOTE: The vendor was… |
| CVE-2022-50981 | — | Cri | 0.64 | 9.8 | 0.01 | | Feb 2, 2026 | An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced. |
| CVE-2026-1453 | | Cri | 0.64 | 9.8 | 0.01 | | Jan 29, 2026 | A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product. |
| CVE-2021-47891 | | Cri | 0.64 | 9.8 | 0.01 | | Jan 23, 2026 | Unified Remote 3.9.0.2463 contains a remote code execution vulnerability that allows attackers to send crafted network packets to execute arbitrary commands. Attackers can exploit the service by connecting to port 9512 and sending specially crafted packets to open a command… |
| CVE-2026-1364 | | Cri | 0.64 | 9.8 | 0.01 | | Jan 23, 2026 | IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly operate system administrative functionalities. |
| CVE-2025-62582 | | Cri | 0.64 | 9.8 | 0.00 | | Jan 16, 2026 | Delta Electronics DIAView has multiple vulnerabilities. |
| CVE-2025-14346 | | Cri | 0.64 | 9.8 | 0.05 | | Jan 5, 2026 | WHILL Model C2 Electric Wheelchairs and Model F Power Chairs do not enforce authentication for Bluetooth connections. An attacker within range can pair with the device and issue movement commands, override speed restrictions, and manipulate configuration profiles without any… |
| CVE-2019-25240 | | Cri | 0.64 | 9.8 | 0.00 | | Dec 24, 2025 | Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows unauthorized access to live video streams. Attackers can exploit the Mobile Web Viewer module by specifying channel numbers to retrieve sequential video snapshots without… |
| CVE-2019-25236 | | Cri | 0.64 | 9.8 | 0.00 | | Dec 24, 2025 | iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the get_jpeg script that allows unauthorized access to live video streams. Attackers can retrieve video snapshots from specific camera channels by sending requests to the /cgi-bin/get_jpeg endpoint without… |
| CVE-2018-25134 | | Cri | 0.64 | 9.8 | 0.01 | | Dec 24, 2025 | Synaccess netBooter NP-02x/NP-08x 6.8 contains an authentication bypass vulnerability in the webNewAcct.cgi script that allows unauthenticated attackers to create admin user accounts. Attackers can exploit the missing control check by sending crafted POST requests to create… |
| CVE-2025-43428 | | Cri | 0.64 | 9.8 | 0.01 | | Dec 17, 2025 | A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in the Hidden Photos Album may be viewed without authentication. |
| CVE-2025-11007 | | Cri | 0.64 | 9.8 | 0.00 | | Nov 4, 2025 | The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the wp_ajax_nopriv_ce21_single_sign_on_save_api_settings AJAX action in versions 2.2.1 to 2.3.1. This makes it possible for unauthenticated attackers to… |
| CVE-2025-40771 | | Cri | 0.64 | 9.8 | 0.00 | | Oct 14, 2025 | A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.4.24), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.4.24), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.4.24), SIPLUS ET 200SP CP 1542SP-1 IRC TX… |