Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-30167

Summary
Assigner-twcert
Assigner Org ID-cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e
Published At-28 Apr, 2021 | 09:30
Updated At-17 Sep, 2024 | 02:32
Rejected At-
Credits

MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Broken Authentication

The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:twcert
Assigner Org ID:cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e
Published At:28 Apr, 2021 | 09:30
Updated At:17 Sep, 2024 | 02:32
Rejected At:
▼CVE Numbering Authority (CNA)
MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Broken Authentication

The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

Affected Products
Vendor
MERIT LILIN ENT.CO.,LTD.
Product
P2/Z2/P3/Z3 IP camera firmware
Versions
Affected
  • From unspecified through 7.1.94.8908 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-522CWE-522 Insufficiently Protected Credentials
Type: CWE
CWE ID: CWE-522
Description: CWE-522 Insufficiently Protected Credentials
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Update P2/Z2/P3/Z3 IP camera firmware to SVN9695.

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
x_refsource_MISC
https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
x_refsource_MISC
https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
x_refsource_MISC
https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
x_refsource_MISC
Hyperlink: https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
Resource:
x_refsource_MISC
Hyperlink: https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
Resource:
x_refsource_MISC
Hyperlink: https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
Resource:
x_refsource_MISC
Hyperlink: https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
x_refsource_MISC
x_transferred
https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
x_refsource_MISC
x_transferred
https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
x_refsource_MISC
x_transferred
https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
x_refsource_MISC
x_transferred
Hyperlink: https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:twcert@cert.org.tw
Published At:28 Apr, 2021 | 10:15
Updated At:25 Oct, 2022 | 18:50

The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches

meritlilin
meritlilin
>>p2r8852e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r8852e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8852e2>>-
cpe:2.3:h:meritlilin:p2r8852e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8852e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r8852e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8852e4>>-
cpe:2.3:h:meritlilin:p2r8852e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6852e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6852e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6852e2>>-
cpe:2.3:h:meritlilin:p2r6852e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6852e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6852e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6852e4>>-
cpe:2.3:h:meritlilin:p2r6852e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6552e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6552e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6552e2>>-
cpe:2.3:h:meritlilin:p2r6552e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6552e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6552e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6552e4>>-
cpe:2.3:h:meritlilin:p2r6552e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6352ae2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6352ae2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6352ae2>>-
cpe:2.3:h:meritlilin:p2r6352ae2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6352ae4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6352ae4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6352ae4>>-
cpe:2.3:h:meritlilin:p2r6352ae4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r3052ae2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r3052ae2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r3052ae2>>-
cpe:2.3:h:meritlilin:p2r3052ae2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1052_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2g1052_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1052>>-
cpe:2.3:h:meritlilin:p2g1052:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8822e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r8822e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8822e2>>-
cpe:2.3:h:meritlilin:p2r8822e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8822e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r8822e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8822e4>>-
cpe:2.3:h:meritlilin:p2r8822e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6822e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6822e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6822e2>>-
cpe:2.3:h:meritlilin:p2r6822e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6822e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6822e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6822e4>>-
cpe:2.3:h:meritlilin:p2r6822e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6522e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6522e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6522e2>>-
cpe:2.3:h:meritlilin:p2r6522e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6522e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6522e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6522e4>>-
cpe:2.3:h:meritlilin:p2r6522e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6322ae2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6322ae2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6322ae2>>-
cpe:2.3:h:meritlilin:p2r6322ae2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6322ae4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6322ae4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6322ae4>>-
cpe:2.3:h:meritlilin:p2r6322ae4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r3022ae2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r3022ae2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r3022ae2>>-
cpe:2.3:h:meritlilin:p2r3022ae2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1022_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2g1022_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1022>>-
cpe:2.3:h:meritlilin:p2g1022:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1022x_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2g1022x_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1022x>>-
cpe:2.3:h:meritlilin:p2g1022x:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8852ax_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:z2r8852ax_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8852ax>>-
cpe:2.3:h:meritlilin:z2r8852ax:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8152x-p_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:z2r8152x-p_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8152x-p>>-
cpe:2.3:h:meritlilin:z2r8152x-p:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8152x2-p_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:z2r8152x2-p_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8152x2-p>>-
cpe:2.3:h:meritlilin:z2r8152x2-p:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8052ex25_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:z2r8052ex25_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8052ex25>>-
cpe:2.3:h:meritlilin:z2r8052ex25:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-306Primarynvd@nist.gov
CWE-522Secondarytwcert@cert.org.tw
CWE ID: CWE-306
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-522
Type: Secondary
Source: twcert@cert.org.tw
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3etwcert@cert.org.tw
Third Party Advisory
https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388twcert@cert.org.tw
Third Party Advisory
https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdftwcert@cert.org.tw
Vendor Advisory
https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.htmltwcert@cert.org.tw
Not Applicable
Hyperlink: https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
Source: twcert@cert.org.tw
Resource:
Third Party Advisory
Hyperlink: https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
Source: twcert@cert.org.tw
Resource:
Third Party Advisory
Hyperlink: https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
Source: twcert@cert.org.tw
Resource:
Vendor Advisory
Hyperlink: https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
Source: twcert@cert.org.tw
Resource:
Not Applicable

Change History

0
Information is not available yet

Similar CVEs

748Records found

CVE-2021-30168
Matching Score-10
Assigner-TWCERT/CC
ShareView Details
Matching Score-10
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-2.13% / 79.74%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 09:30
Updated-16 Sep, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Sensitive Data Exposure-1

The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant administrator’s credential and further control the devices.

Action-Not Available
Vendor-meritlilinMERIT LILIN ENT.CO.,LTD.
Product-p2g1022x_firmwarep2r8822e4_firmwarep3r6322e2_firmwarez2r6422ax-pz3r6422x3z2r6452ax-pp3r8822e2z2r8152x2-p_firmwarep2r6522e2_firmwarez2r8852ax_firmwarep2r6822e2p2g1022z2r8152x-pp3r6522e2_firmwarez2r6522xz2r8152x2-pp2r6852e4p2g1022_firmwarep2r8852e2z2r6422axz3r8922x3p2r6322ae2p2r6852e2_firmwarep2r6522e4p2r6352ae2_firmwarez2r8852axp2r8852e4_firmwarep2r6322ae2_firmwarez2r8822ax_firmwarez2r6522x_firmwarep2g1022xz3r6422x3_firmwarep2r6522e2z2r8122x2-pp2r6822e4p2r6552e4_firmwarez2r8022ex25z2r8052ex25z2r8822axp2r8822e2p2r6552e2z2r8122x-p_firmwarez2r6422ax-p_firmwarep2r6552e2_firmwarez2r6422ax_firmwarep2r6352ae4_firmwarez2r6552xp2r8852e2_firmwarez2r6552x_firmwarez2r8152x-p_firmwarez2r6452axp2r3052ae2_firmwarep2g1052_firmwarez2r8122x-pp2r6852e2p2r3022ae2_firmwarep2r3052ae2p2r6322ae4_firmwarep3r6322e2p2r6822e2_firmwarep2r8822e2_firmwarez2r6452ax_firmwarep2r6352ae2z2r8022ex25_firmwarep2r6322ae4p2r3022ae2p3r6522e2z3r6522xp2r8822e4p2r6852e4_firmwarep2r6552e4z3r6522x_firmwarep3r8822e2_firmwarep2g1052p2r8852e4z2r8122x2-p_firmwarep2r6822e4_firmwarep2r6522e4_firmwarez2r6452ax-p_firmwarez3r8922x3_firmwarep2r6352ae4z2r8052ex25_firmwareP2/Z2/P3/Z3 IP camera firmware
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2021-30166
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-7.2||HIGH
EPSS-3.79% / 88.66%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 09:30
Updated-17 Sep, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Command Injection

The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission.

Action-Not Available
Vendor-meritlilinMERIT LILIN ENT.CO.,LTD.
Product-p2g1022x_firmwarep2r8822e4_firmwarep3r6322e2_firmwarez2r6422ax-pz3r6422x3z2r6452ax-pp3r8822e2z2r8152x2-p_firmwarep2r6522e2_firmwarez2r8852ax_firmwarep2r6822e2p2g1022z2r8152x-pp3r6522e2_firmwarez2r6522xz2r8152x2-pp2r6852e4p2g1022_firmwarep2r8852e2z2r6422axz3r8922x3p2r6322ae2p2r6852e2_firmwarep2r6522e4p2r6352ae2_firmwarez2r8852axp2r8852e4_firmwarep2r6322ae2_firmwarez2r8822ax_firmwarez2r6522x_firmwarep2g1022xz3r6422x3_firmwarep2r6522e2z2r8122x2-pp2r6822e4p2r6552e4_firmwarez2r8022ex25z2r8052ex25z2r8822axp2r8822e2p2r6552e2z2r8122x-p_firmwarez2r6422ax-p_firmwarep2r6552e2_firmwarez2r6422ax_firmwarep2r6352ae4_firmwarez2r6552xp2r8852e2_firmwarez2r6552x_firmwarez2r8152x-p_firmwarez2r6452axp2r3052ae2_firmwarep2g1052_firmwarez2r8122x-pp2r6852e2p2r3022ae2_firmwarep2r3052ae2p2r6322ae4_firmwarep3r6322e2p2r6822e2_firmwarep2r8822e2_firmwarez2r6452ax_firmwarep2r6352ae2z2r8022ex25_firmwarep2r6322ae4p2r3022ae2p3r6522e2z3r6522xp2r8822e4p2r6852e4_firmwarep2r6552e4z3r6522x_firmwarep3r8822e2_firmwarep2g1052p2r8852e4z2r8122x2-p_firmwarep2r6822e4_firmwarep2r6522e4_firmwarez2r6452ax-p_firmwarez3r8922x3_firmwarep2r6352ae4z2r8052ex25_firmwareP2/Z2/P3/Z3 IP camera firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-47618
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.02% / 59.22%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Merit Lilin Ent. Co., Ltd. AH55B04 & AH55B08 DVR - Hard-coded Credentials

Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service.

Action-Not Available
Vendor-meritlilinMerit Lilin Ent. Co., Ltd.
Product-ah55b08ah55b08_firmwareah55b04ah55b04_firmwareAH55B04 DVR firmwareAH55B08 DVR firmware
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-30169
Matching Score-6
Assigner-TWCERT/CC
ShareView Details
Matching Score-6
Assigner-TWCERT/CC
CVSS Score-5.3||MEDIUM
EPSS-1.68% / 74.09%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 09:30
Updated-17 Sep, 2024 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Sensitive Data Exposure-2

The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant user’s credential.

Action-Not Available
Vendor-meritlilinMERIT LILIN ENT.CO.,LTD.
Product-p2g1022x_firmwarep2r8822e4_firmwarep3r6322e2_firmwarez2r6422ax-pz3r6422x3z2r6452ax-pp3r8822e2z2r8152x2-p_firmwarep2r6522e2_firmwarez2r8852ax_firmwarep2r6822e2p2g1022z2r8152x-pp3r6522e2_firmwarez2r6522xz2r8152x2-pp2r6852e4p2g1022_firmwarep2r8852e2z2r6422axz3r8922x3p2r6322ae2p2r6852e2_firmwarep2r6522e4p2r6352ae2_firmwarez2r8852axp2r8852e4_firmwarep2r6322ae2_firmwarez2r8822ax_firmwarez2r6522x_firmwarep2g1022xz3r6422x3_firmwarep2r6522e2z2r8122x2-pp2r6822e4p2r6552e4_firmwarez2r8022ex25z2r8052ex25z2r8822axp2r8822e2p2r6552e2z2r8122x-p_firmwarez2r6422ax-p_firmwarep2r6552e2_firmwarez2r6422ax_firmwarep2r6352ae4_firmwarez2r6552xp2r8852e2_firmwarez2r6552x_firmwarez2r8152x-p_firmwarez2r6452axp2r3052ae2_firmwarep2g1052_firmwarez2r8122x-pp2r6852e2p2r3022ae2_firmwarep2r3052ae2p2r6322ae4_firmwarep3r6322e2p2r6822e2_firmwarep2r8822e2_firmwarez2r6452ax_firmwarep2r6352ae2z2r8022ex25_firmwarep2r6322ae4p2r3022ae2p3r6522e2z3r6522xp2r8822e4p2r6852e4_firmwarep2r6552e4z3r6522x_firmwarep3r8822e2_firmwarep2g1052p2r8852e4z2r8122x2-p_firmwarep2r6822e4_firmwarep2r6522e4_firmwarez2r6452ax-p_firmwarez3r8922x3_firmwarep2r6352ae4z2r8052ex25_firmwareP2/Z2/P3/Z3 IP camera firmware
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2025-25570
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.00% / 78.32%
||
7 Day CHG~0.00%
Published-27 Feb, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-2567
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.3||CRITICAL
EPSS-0.44% / 35.42%
||
7 Day CHG~0.00%
Published-15 Apr, 2025 | 19:59
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Lantronix Xport Missing Authentication for Critical Function

An attacker could modify or disable settings, disrupt fuel monitoring and supply chain operations, leading to disabling of ATG monitoring. This would result in potential safety hazards in fuel storage and transportation.

Action-Not Available
Vendor-Lantronix
Product-Xport
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-26359
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.85% / 53.88%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:28
Updated-28 Oct, 2025 | 15:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset user PINs via crafted HTTP requests.

Action-Not Available
Vendor-Q-Free
Product-maxtimeMaxTime
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-26342
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 59.47%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:27
Updated-24 Oct, 2025 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to create arbitrary users, including administrators, via crafted HTTP requests.

Action-Not Available
Vendor-Q-Free
Product-maxtimeMaxTime
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-26339
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 59.47%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:26
Updated-24 Oct, 2025 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306 "Missing Authentication for Critical Function" in maxtime/handleRoute.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to affect the device confidentiality, integrity, or availability in multiple unspecified ways via crafted HTTP requests.

Action-Not Available
Vendor-Q-Free
Product-maxtimeMaxTime
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-26341
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 59.47%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:27
Updated-24 Oct, 2025 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset arbitrary user passwords via crafted HTTP requests.

Action-Not Available
Vendor-Q-Free
Product-maxtimeMaxTime
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-3376
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.3||HIGH
EPSS-1.15% / 63.09%
||
7 Day CHG~0.00%
Published-31 Jul, 2020 | 00:00
Updated-13 Nov, 2024 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Data Center Network Manager Authentication Bypass Vulnerability

A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device. The vulnerability is due to a failure in the software to perform proper authentication. An attacker could exploit this vulnerability by browsing to one of the hosted URLs in Cisco DCNM. A successful exploit could allow the attacker to interact with and use certain functions within the Cisco DCNM.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-data_center_network_managerCisco Data Center Network Manager
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-26344
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 59.47%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:27
Updated-24 Oct, 2025 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/guest-mode/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enable passwordless guest mode via crafted HTTP requests.

Action-Not Available
Vendor-Q-Free
Product-maxtimeMaxTime
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-26347
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 59.47%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:27
Updated-24 Oct, 2025 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to edit user permissions via crafted HTTP requests.

Action-Not Available
Vendor-Q-Free
Product-maxtimeMaxTime
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2006-0062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.46% / 70.37%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 02:13
Updated-07 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.

Action-Not Available
Vendor-sillycyclen/a
Product-xlockmoren/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-26345
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 59.47%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:27
Updated-24 Oct, 2025 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to edit user group permissions via crafted HTTP requests.

Action-Not Available
Vendor-Q-Free
Product-maxtimeMaxTime
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2014-1812
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-65.12% / 99.16%
||
7 Day CHG+0.81%
Published-14 May, 2014 | 10:00
Updated-22 Apr, 2026 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_8.1windows_server_2008windows_vistawindows_8windows_server_2012n/aWindows
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-35469
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.05% / 78.94%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 23:08
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root user. Systems deployed using affected versions of the Terracotta Server OSS container may allow a remote attacker to achieve root access with a blank password.

Action-Not Available
Vendor-softwareagn/a
Product-terracotta_server_ossn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-24865
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-10||CRITICAL
EPSS-6.82% / 93.23%
||
7 Day CHG~0.00%
Published-13 Feb, 2025 | 21:29
Updated-04 Mar, 2025 | 20:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
mySCADA myPRO Manager Missing Authentication for Critical Function

The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.

Action-Not Available
Vendor-myscadamySCADA
Product-mypromyPRO Manager
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-24924
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.3||CRITICAL
EPSS-0.52% / 40.47%
||
7 Day CHG~0.00%
Published-05 Mar, 2025 | 00:02
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GMOD Apollo Missing Authentication for Critical Function

Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username

Action-Not Available
Vendor-GMOD
Product-Apollo
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-8732
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-9.46% / 94.83%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 05:32
Updated-29 May, 2026 | 13:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmp_temp_access_ajax AJAX action being registered with wp_ajax_nopriv_ and protected only by a nonce check using the fc-call-nonce nonce, which is publicly embedded into every frontend page via wp_localize_script as the nonce field of the wpgmp_local JavaScript object, rendering the check ineffective as an access control mechanism. This makes it possible for unauthenticated attackers to invoke the wpgmp_temp_access_support handler with check_temp=false, which unconditionally creates a new WordPress user with the hardcoded role of administrator via wp_insert_user() and returns a magic login URL that, when visited, calls wp_set_auth_cookie() to fully authenticate the attacker as the newly created administrator, resulting in complete site takeover.

Action-Not Available
Vendor-flippercode
Product-WP Maps Pro
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-23342
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-8.2||HIGH
EPSS-0.30% / 21.45%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 21:02
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account . A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data tampering.

Action-Not Available
Vendor-NVIDIA Corporation
Product-nvdebugNVDebug tool
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-43999
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.95% / 56.87%
||
7 Day CHG~0.00%
Published-16 Nov, 2022 | 00:00
Updated-30 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management services, arbitrary system commands can be executed on the server.

Action-Not Available
Vendor-backclickn/a
Product-backclickn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-7415
Matching Score-4
Assigner-Austin Hackers Anonymous
ShareView Details
Matching Score-4
Assigner-Austin Hackers Anonymous
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 41.68%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 16:11
Updated-14 May, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open MQTT orchestration without read/write ACLs in Yarbo robot firmware

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization of any kind.

Action-Not Available
Vendor-yarboYarbo
Product-lawn_mowerlawn_mower_firmwarelawn_mower_prolawn_mower_pro_firmwareFirmware
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-22252
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-9||CRITICAL
EPSS-0.80% / 52.23%
||
7 Day CHG~0.00%
Published-28 May, 2025 | 07:55
Updated-26 Feb, 2026 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin via an authentication bypass.

Action-Not Available
Vendor-Fortinet, Inc.
Product-FortiOSFortiSwitchManagerFortiProxy
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-16199
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.14% / 95.89%
||
7 Day CHG~0.00%
Published-17 Sep, 2019 | 20:53
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process.

Action-Not Available
Vendor-eq-3n/a
Product-homematic_ccu2_firmwarehomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2013-7052
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-24.68% / 97.62%
||
7 Day CHG~0.00%
Published-04 Feb, 2020 | 13:49
Updated-06 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-100dir-100_firmwaren/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2013-7055
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.98% / 93.36%
||
7 Day CHG~0.00%
Published-04 Feb, 2020 | 13:56
Updated-06 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-100 4.03B07 has PPTP and poe information disclosure

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-100dir-100_firmwaren/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-43976
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.70% / 48.78%
||
7 Day CHG~0.00%
Published-17 Jan, 2023 | 00:00
Updated-07 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. Direct access to the API is possible on TCP port 8888 via programs located in the cgi-bin folder without any authentication.

Action-Not Available
Vendor-gen/a
Product-ms_3000_firmwarems_3000n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-8364
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 22.21%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 19:38
Updated-29 May, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gladinet Triofox Missing Authentication for Critical Functions

Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache.

Action-Not Available
Vendor-Gladinet
Product-Triofox
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-21524
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.74% / 50.01%
||
7 Day CHG~0.00%
Published-21 Jan, 2025 | 20:53
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-jd_edwards_enterpriseone_toolsJD Edwards EnterpriseOne Tools
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-21535
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.80% / 52.11%
||
7 Day CHG~0.00%
Published-21 Jan, 2025 | 20:53
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-weblogic_serverOracle WebLogic Server
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-9141
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.48% / 38.05%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 19:52
Updated-21 May, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Taiko AG1000-01A Rev 7.3/8 Authentication Bypass via Web Interface

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authentication bypass vulnerability in the embedded web configuration interface that allows unauthenticated attackers to access internal application pages without any session management or server-side authentication checks. Attackers with network access can directly request internal resources such as index.zhtml, point.zhtml, and log.shtml to gain full administrative read and write access, enabling unauthorized modification of alarm routing, device configuration, and disruption of monitoring and control functions.

Action-Not Available
Vendor-Taiko Network Communications Pte Ltd.
Product-AG1000-01A SMS Alert Gateway
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-6274
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 36.66%
||
7 Day CHG~0.00%
Published-05 Jun, 2026 | 09:01
Updated-08 Jun, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass in DTS Electronics' Redline WR3200

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8.

Action-Not Available
Vendor-DTS Electronics Industry and Trade Ltd. Co.
Product-Redline WR3200
CWE ID-CWE-1390
Weak Authentication
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-24051
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.22% / 80.50%
||
7 Day CHG~0.00%
Published-21 Aug, 2020 | 14:23
Updated-04 Aug, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Moog EXO Series EXVF5C-2 and EXVP7C2-3 units support the ONVIF interoperability IP-based physical security protocol, which requires authentication for some of its operations. It was found that the authentication check for those ONVIF operations can be bypassed. An attacker can abuse this issue to execute privileged operations without authentication, for instance, to create a new Administrator user.

Action-Not Available
Vendor-moogn/a
Product-exvf5c-2exvf5c-2_firmwareexvp7c2-3exvp7c2-3_firmwaren/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-42785
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-1.00% / 58.58%
||
7 Day CHG~0.00%
Published-10 Nov, 2022 | 11:01
Updated-01 May, 2025 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wiesemann & Theis: Authentication bypass in Com-Server family

Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET Request.

Action-Not Available
Vendor-wutWiesemann & Theis
Product-com-server_20macom-server_highspeed_ulcom-server_highspeed_office_4port_firmwarecom-server_highspeed_poe_3x_isolatedcom-server_highspeed_isolatedcom-server_highspeed_industrycom-server_highspeed_industry_firmwarecom-server_highspeed_100basefx_firmwarecom-server_highspeed_100baselx_firmwarecom-server_highspeed_isolated_firmwarecom-server_highspeed_lc_firmwarecom-server_20ma_firmwarecom-server_highspeed_ul_firmwarecom-server_highspeed_19\"_1port_firmwarecom-server_highspeed_office_4portat-modem-emulatorcom-server_\+\+com-server_highspeed_100baselxcom-server_highspeed_office_1portcom-server_highspeed_100basefxcom-server_highspeed_oem_firmwarecom-server_highspeed_office_1port_firmwarecom-server_highspeed_poe_firmwarecom-server_\+\+_firmwarecom-server_highspeed_lccom-server_highspeed_poe_3x_isolated_firmwarecom-server_highspeed_oemcom-server_highspeed_19\"_4port_firmwarecom-server_highspeed_19\"_4portcom-server_highspeed_compact_firmwarecom-server_highspeed_poecom-server_highspeed_19\"_1portcom-server_highspeed_compactat-modem-emulator_firmwareCom-Server Highspeed OEMCom-Server ULCom-Server ++Com-Server Highspeed Office 4 PortCom-Server Highspeed 19" 4PortCom-Server Highspeed 100BaseFXCom-Server Highspeed CompactCom-Server 20mACom-Server PoE 3 x IsolatedCom-Server Highspeed IsolatedCom-Server Highspeed IndustryCom-Server Highspeed 100BaseLXCom-Server LCAT-Modem-EmulatorCom-Server Highspeed 19" 1PortCom-Server Highspeed Office 1 PortCom-Server Highspeed PoE
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-4229
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.90% / 55.20%
||
7 Day CHG~0.00%
Published-30 Nov, 2022 | 00:00
Updated-14 Apr, 2025 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Book Store Management System index.php access control

A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0. This vulnerability affects unknown code of the file /bsms_ci/index.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214588.

Action-Not Available
Vendor-book_store_management_system_projectSourceCodester
Product-book_store_management_systemBook Store Management System
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-20358
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.4||CRITICAL
EPSS-0.93% / 56.29%
||
7 Day CHG+0.03%
Published-05 Nov, 2025 | 16:31
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Unified Contact Center Express Editor Authentication Bypass Vulnerability

A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution. This vulnerability is due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful. A successful exploit could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_contact_center_expressCisco Unified Contact Center Express
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-11529
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.56% / 42.59%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 03:02
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ChurchCRM API Endpoint AuthMiddleware.php AuthMiddleware missing authentication

A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The patch is identified as 3a1cffd2aea63d884025949cfbcfd274d06216a4. A patch should be applied to remediate this issue.

Action-Not Available
Vendor-churchcrmn/a
Product-churchcrmChurchCRM
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-41688
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.64% / 46.20%
||
7 Day CHG~0.00%
Published-31 Oct, 2022 | 19:38
Updated-16 Apr, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. An attacker could provide malicious serialized objects that could run these functions without authentication to create a new user and add them to the administrator group.

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-infrasuite_device_masterInfraSuite Device Master
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-1907
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.3||CRITICAL
EPSS-0.78% / 51.43%
||
7 Day CHG~0.00%
Published-29 May, 2025 | 23:12
Updated-30 May, 2025 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Instantel Micromate Missing Authentication for Critical Function

Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected.

Action-Not Available
Vendor-Instantel
Product-Micromate
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-15113
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.43% / 34.76%
||
7 Day CHG~0.00%
Published-30 Dec, 2025 | 22:41
Updated-11 Mar, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ksenia Security lares Home Automation 1.6 Remote Code Execution via MPFS Upload

Ksenia Security lares (legacy model) Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system's web server.

Action-Not Available
Vendor-kseniasecurityKsenia Security S.p.A.
Product-lareslares_firmwarelares
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2026-56782
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-3.02% / 85.80%
||
7 Day CHG~0.00%
Published-29 Jun, 2026 | 17:16
Updated-30 Jun, 2026 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when admin_api_key is empty, which is the default configuration. Remote attackers can exfiltrate the entire database including user records, items, and feedback data containing personally identifiable information, or completely overwrite the dataset without authentication.

Action-Not Available
Vendor-gorse-io
Product-gorse
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-58126
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.75% / 50.47%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 14:39
Updated-02 Jul, 2026 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PACSgear PACS Scan 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can chain the arbitrary file write primitive with DLL hijacking in PGImageExchangeQueueSvc.exe, which loads missing DLLs such as CRYPTSP.DLL from the application directory, to achieve remote code execution as NT Authority\SYSTEM upon service restart.

Action-Not Available
Vendor-Hyland
Product-PACSgear PACS Scan
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-58127
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.78% / 51.41%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 14:41
Updated-02 Jul, 2026 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PACSgear MediaWriter 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET WebClient class methods, an unauthenticated remote attacker can read and write arbitrary files on the host filesystem. The ObjectURIs are identical across all installations by default. Chaining the arbitrary file write primitive with DLL hijacking opportunities in the MediaWriter service (which runs as NT Authority\\SYSTEM and loads missing DLLs such as CRYPTBASE.DLL from the application directory) enables unauthenticated remote code execution as SYSTEM upon service restart.

Action-Not Available
Vendor-Hyland
Product-PACSgear MediaWriter
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-41331
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-1.27% / 66.39%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 16:06
Updated-23 Oct, 2024 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyFortiPresence
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-15026
Matching Score-4
Assigner-Centreon
ShareView Details
Matching Score-4
Assigner-Centreon
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 29.27%
||
7 Day CHG~0.00%
Published-05 Jan, 2026 | 14:31
Updated-26 Jan, 2026 | 15:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated configuration import allows administrative account creation using AWIE component

Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie (Awie import module) allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0 before 24.04.3.

Action-Not Available
Vendor-CENTREON
Product-awieInfra Monitoring
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-14346
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.3||CRITICAL
EPSS-5.49% / 91.82%
||
7 Day CHG~0.00%
Published-05 Jan, 2026 | 15:39
Updated-08 Jan, 2026 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WHILL Model C2 Electric Wheelchairs and Model F Power Chairs do not enforce authentication for Bluetooth connections. An attacker within range can pair with the device and issue movement commands, override speed restrictions, and manipulate configuration profiles without any credentials or user interaction.

Action-Not Available
Vendor-WHILL
Product-Model C2 Electric WheelchairModel F Power Chair
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-15391
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.72% / 84.21%
||
7 Day CHG~0.00%
Published-23 Jul, 2020 | 19:45
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The UI in DevSpace 4.13.0 allows web sites to execute actions on pods (on behalf of a victim) because of a lack of authentication for the WebSocket protocol. This leads to remote code execution.

Action-Not Available
Vendor-devspacen/a
Product-devspacen/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-14577
Matching Score-4
Assigner-CERT.PL
ShareView Details
Matching Score-4
Assigner-CERT.PL
CVSS Score-9.3||CRITICAL
EPSS-0.39% / 30.87%
||
7 Day CHG~0.00%
Published-24 Feb, 2026 | 13:21
Updated-02 Mar, 2026 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PHP Function Injection in Slican NPC/IPL/IPM/IPU

Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote attacker is able to execute arbitrary PHP commands by sending specially crafted requests to /webcti/session_ajax.php endpoint. This issue was fixed in version 1.24.0190 (Slican NCP) and 6.61.0010 (Slican IPL/IPM/IPU).

Action-Not Available
Vendor-slicanSlican
Product-ipm-032.wmipm-032.2uipu-14_firmwarencp_server_cm300p.1bcipu-14.105.wmipl-256_firmwareipl-256.3uncp_server_cm600p.1bcipl-256.wmncp_firmwarencp_server_cm400p.1bcipu-14.103.wmipm-032_firmwareipu-14.105.1uncp_server_cm300pIPLNCPIPMIPU
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-13030
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-5.1||MEDIUM
EPSS-0.31% / 22.59%
||
7 Day CHG~0.00%
Published-30 Apr, 2026 | 05:00
Updated-05 May, 2026 | 02:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks authentication protection and proper sanitisation of file names.

Action-Not Available
Vendor-pylixmn/a
Product-django-mdeditordjango-mdeditor
CWE ID-CWE-306
Missing Authentication for Critical Function
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 14
  • 15
  • Next
Details not found