Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-30167

Summary
Assigner-twcert
Assigner Org ID-cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e
Published At-28 Apr, 2021 | 09:30
Updated At-17 Sep, 2024 | 02:32
Rejected At-
Credits

MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Broken Authentication

The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:twcert
Assigner Org ID:cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e
Published At:28 Apr, 2021 | 09:30
Updated At:17 Sep, 2024 | 02:32
Rejected At:
▼CVE Numbering Authority (CNA)
MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Broken Authentication

The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

Affected Products
Vendor
MERIT LILIN ENT.CO.,LTD.
Product
P2/Z2/P3/Z3 IP camera firmware
Versions
Affected
  • From unspecified through 7.1.94.8908 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-522CWE-522 Insufficiently Protected Credentials
Type: CWE
CWE ID: CWE-522
Description: CWE-522 Insufficiently Protected Credentials
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Update P2/Z2/P3/Z3 IP camera firmware to SVN9695.

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
x_refsource_MISC
https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
x_refsource_MISC
https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
x_refsource_MISC
https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
x_refsource_MISC
Hyperlink: https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
Resource:
x_refsource_MISC
Hyperlink: https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
Resource:
x_refsource_MISC
Hyperlink: https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
Resource:
x_refsource_MISC
Hyperlink: https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
x_refsource_MISC
x_transferred
https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
x_refsource_MISC
x_transferred
https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
x_refsource_MISC
x_transferred
https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
x_refsource_MISC
x_transferred
Hyperlink: https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:twcert@cert.org.tw
Published At:28 Apr, 2021 | 10:15
Updated At:25 Oct, 2022 | 18:50

The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches

meritlilin
meritlilin
>>p2r8852e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r8852e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8852e2>>-
cpe:2.3:h:meritlilin:p2r8852e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8852e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r8852e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8852e4>>-
cpe:2.3:h:meritlilin:p2r8852e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6852e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6852e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6852e2>>-
cpe:2.3:h:meritlilin:p2r6852e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6852e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6852e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6852e4>>-
cpe:2.3:h:meritlilin:p2r6852e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6552e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6552e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6552e2>>-
cpe:2.3:h:meritlilin:p2r6552e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6552e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6552e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6552e4>>-
cpe:2.3:h:meritlilin:p2r6552e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6352ae2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6352ae2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6352ae2>>-
cpe:2.3:h:meritlilin:p2r6352ae2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6352ae4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6352ae4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6352ae4>>-
cpe:2.3:h:meritlilin:p2r6352ae4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r3052ae2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r3052ae2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r3052ae2>>-
cpe:2.3:h:meritlilin:p2r3052ae2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1052_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2g1052_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1052>>-
cpe:2.3:h:meritlilin:p2g1052:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8822e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r8822e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8822e2>>-
cpe:2.3:h:meritlilin:p2r8822e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8822e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r8822e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r8822e4>>-
cpe:2.3:h:meritlilin:p2r8822e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6822e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6822e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6822e2>>-
cpe:2.3:h:meritlilin:p2r6822e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6822e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6822e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6822e4>>-
cpe:2.3:h:meritlilin:p2r6822e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6522e2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6522e2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6522e2>>-
cpe:2.3:h:meritlilin:p2r6522e2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6522e4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6522e4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6522e4>>-
cpe:2.3:h:meritlilin:p2r6522e4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6322ae2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6322ae2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6322ae2>>-
cpe:2.3:h:meritlilin:p2r6322ae2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6322ae4_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r6322ae4_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r6322ae4>>-
cpe:2.3:h:meritlilin:p2r6322ae4:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r3022ae2_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2r3022ae2_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2r3022ae2>>-
cpe:2.3:h:meritlilin:p2r3022ae2:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1022_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2g1022_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1022>>-
cpe:2.3:h:meritlilin:p2g1022:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1022x_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:p2g1022x_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>p2g1022x>>-
cpe:2.3:h:meritlilin:p2g1022x:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8852ax_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:z2r8852ax_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8852ax>>-
cpe:2.3:h:meritlilin:z2r8852ax:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8152x-p_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:z2r8152x-p_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8152x-p>>-
cpe:2.3:h:meritlilin:z2r8152x-p:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8152x2-p_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:z2r8152x2-p_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8152x2-p>>-
cpe:2.3:h:meritlilin:z2r8152x2-p:-:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8052ex25_firmware>>Versions before 7.1.94.8908(exclusive)
cpe:2.3:o:meritlilin:z2r8052ex25_firmware:*:*:*:*:*:*:*:*
meritlilin
meritlilin
>>z2r8052ex25>>-
cpe:2.3:h:meritlilin:z2r8052ex25:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-306Primarynvd@nist.gov
CWE-522Secondarytwcert@cert.org.tw
CWE ID: CWE-306
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-522
Type: Secondary
Source: twcert@cert.org.tw
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3etwcert@cert.org.tw
Third Party Advisory
https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388twcert@cert.org.tw
Third Party Advisory
https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdftwcert@cert.org.tw
Vendor Advisory
https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.htmltwcert@cert.org.tw
Not Applicable
Hyperlink: https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
Source: twcert@cert.org.tw
Resource:
Third Party Advisory
Hyperlink: https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
Source: twcert@cert.org.tw
Resource:
Third Party Advisory
Hyperlink: https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
Source: twcert@cert.org.tw
Resource:
Vendor Advisory
Hyperlink: https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
Source: twcert@cert.org.tw
Resource:
Not Applicable

Change History

0
Information is not available yet

Similar CVEs

748Records found

CVE-2022-45599
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.86%
||
7 Day CHG~0.00%
Published-22 Feb, 2023 | 00:00
Updated-17 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password.

Action-Not Available
Vendor-aztechn/a
Product-wmb250ac_firmwarewmb250acn/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2013-7052
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-24.68% / 97.63%
||
7 Day CHG~0.00%
Published-04 Feb, 2020 | 13:49
Updated-06 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-100dir-100_firmwaren/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-50981
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 40.76%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 14:12
Updated-03 Feb, 2026 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Innomic VibroLine VLX HD 5.0 and avibia AVLX weak password requirements

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

Action-Not Available
Vendor-Innomicavibia
Product-VibroLine VLE4 HD 5.0VibroLine VLX6 HD 5.0AvibiaLine AVLE1 HD 5.0VibroLine VLX2 HD 4.0VibroLine VLE6 HD 4.0AvibiaLine AVLX8 HD 5.0VibroLine VLX6 HD 4.0VibroLine VLX1 HD 4.0VibroLine VLX4 HD 5.0VibroLine VLE6 HD 5.0AvibiaLine AVLE6 HD 5.0AvibiaLine AVLE4 HD 5.0VibroLine VLE2 HD 5.0AvibiaLine AVLE2 HD 5.0AvibiaLine AVLX4 HD 5.0AvibiaLine AVLX1 HD 5.0AvibiaLine AVLE8 HD 5.0VibroLine VLX2 HD 5.0AvibiaLine AVLX2 HD 5.0VibroLine VLE1 HD 4.0VibroLine VLX8 HD 4.0VibroLine VLE8 HD 4.0VibroLine VLE8 HD 5.0VibroLine VLE4 HD 4.0VibroLine VLE1 HD 5.0VibroLine VLX8 HD 5.0AvibiaLine AVLX6 HD 5.0VibroLine VLX1 HD 5.0VibroLine VLE2 HD 4.0VibroLine VLX4 HD 4.0
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-50593
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.69% / 48.48%
||
7 Day CHG+0.06%
Published-06 Nov, 2025 | 19:57
Updated-08 Dec, 2025 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Advantech iView < v5.7.04 Build 6425 search_term Parameter SQL Injection RCE

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘search_term’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitation allows for remote code execution with administrator privileges.

Action-Not Available
Vendor-Advantech (Advantech Co., Ltd.)
Product-iviewiView
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4693
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-1.60% / 72.81%
||
7 Day CHG~0.00%
Published-23 Jan, 2023 | 14:31
Updated-02 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User Verification < 1.0.94 - Authentication Bypass

The User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security vulnerability. To bypass authentication, we only need to know the user’s username. Depending on whose username we know, which can be easily queried because it is usually public data, we may even be given an administrative role on the website.

Action-Not Available
Vendor-pickpluginsUnknown
Product-user_verificationUser Verification
CWE ID-CWE-522
Insufficiently Protected Credentials
CWE ID-CWE-287
Improper Authentication
CVE-2022-46414
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.26% / 66.07%
||
7 Day CHG~0.00%
Published-04 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal.

Action-Not Available
Vendor-n/aVeritas Technologies LLC
Product-access_appliancenetbackup_flex_scale_appliancen/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-46967
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.14% / 62.76%
||
7 Day CHG~0.00%
Published-26 Jan, 2023 | 00:00
Updated-31 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory.

Action-Not Available
Vendor-revenue_collection_system_projectn/a
Product-revenue_collection_systemn/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-47377
Matching Score-4
Assigner-SICK AG
ShareView Details
Matching Score-4
Assigner-SICK AG
CVSS Score-9.8||CRITICAL
EPSS-0.88% / 54.77%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-16 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. The recommended solution is to update the firmware to a version >= 1.13.4 as soon as possible (available in SICK Support Portal).

Action-Not Available
Vendor-n/aSICK AG
Product-sim2000_firmwaresim2000stSICK SIM2000ST (LFT PPC)
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-640
Weak Password Recovery Mechanism for Forgotten Password
CVE-2022-45933
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-51.70% / 98.82%
||
7 Day CHG~0.00%
Published-27 Nov, 2022 | 00:00
Updated-29 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side project and a learning exercise," and not "very secure."

Action-Not Available
Vendor-kubeview_projectn/a
Product-kubeviewn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-45479
Matching Score-4
Assigner-Black Duck Software, Inc.
ShareView Details
Matching Score-4
Assigner-Black Duck Software, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.64% / 73.42%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PC Keyboard allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Action-Not Available
Vendor-beappsmobileBEAppsMobile
Product-pc_keyboard_wifi\&bluetoothPC Keyboard WiFi & Bluetooth
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-53072
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 46.75%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:03
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in takeover of Oracle Marketing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-marketingOracle Marketing
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-46145
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.1||HIGH
EPSS-1.18% / 63.80%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 17:12
Updated-23 Apr, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
authentik vulnerable to unauthorized user creation and potential account takeover

authentik is an open-source identity provider. Versions prior to 2022.11.2 and 2022.10.2 are vulnerable to unauthorized user creation and potential account takeover. With the default flows, unauthenticated users can create new accounts in authentik. If a flow exists that allows for email-verified password recovery, this can be used to overwrite the email address of admin accounts and take over their accounts. authentik 2022.11.2 and 2022.10.2 fix this issue. As a workaround, a policy can be created and bound to the `default-user-settings-flow flow` with the contents `return request.user.is_authenticated`.

Action-Not Available
Vendor-goauthentikgoauthentik
Product-authentikauthentik
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-45138
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.74% / 50.13%
||
7 Day CHG~0.00%
Published-27 Feb, 2023 | 14:36
Updated-10 Mar, 2025 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAGO: Missing Authentication for Critical Function

The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the device.

Action-Not Available
Vendor-wagoWAGO
Product-pfc200_firmwaretouch_panel_600_advanced_firmwaretouch_panel_600_marine_firmwaretouch_panel_600_standard751-9301touch_panel_600_advancedtouch_panel_600_standard_firmwarepfc200pfc100_firmware752-8303\/8000-002_firmwarepfc100touch_panel_600_marine752-8303\/8000-002751-9301_firmwareTouch Panel 600 Standard Line (762-4xxx)Edge Controller (752-8303/8000-002)Touch Panel 600 Advanced Line (762-5xxx)PFC200 (750-82xx/xxx-xxx)Compact Controller CC100 (751-9301)PFC100 (750-81xx/xxx-xxx)Touch Panel 600 Marine Line (762-6xxx)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-45481
Matching Score-4
Assigner-Black Duck Software, Inc.
ShareView Details
Matching Score-4
Assigner-Black Duck Software, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.64% / 73.42%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Action-Not Available
Vendor-lzmousethisAAY
Product-lazy_mouseLazy Mouse
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-44001
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.10% / 61.77%
||
7 Day CHG~0.00%
Published-17 Nov, 2022 | 00:00
Updated-29 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in BACKCLICK Professional 5.9.63. User authentication for accessing the CORBA back-end services can be bypassed.

Action-Not Available
Vendor-backclickn/a
Product-backclickn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-44000
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.95% / 56.89%
||
7 Day CHG~0.00%
Published-16 Nov, 2022 | 00:00
Updated-30 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal communications interface, it is possible to execute arbitrary system commands on the server.

Action-Not Available
Vendor-backclickn/a
Product-backclickn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-913
Improper Control of Dynamically-Managed Code Resources
CVE-2025-53037
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 34.38%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:02
Updated-23 Oct, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in takeover of Oracle Financial Services Analytical Applications Infrastructure. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-financial_services_analytical_applications_infrastructureOracle Financial Services Analytical Applications Infrastructure
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-43999
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.95% / 56.89%
||
7 Day CHG~0.00%
Published-16 Nov, 2022 | 00:00
Updated-30 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management services, arbitrary system commands can be executed on the server.

Action-Not Available
Vendor-backclickn/a
Product-backclickn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-11673
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.52% / 87.83%
||
7 Day CHG~0.00%
Published-13 Apr, 2020 | 15:01
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wp_ajax_nopriv function in Includes/Total-Soft-Poll-Ajax.php for sensitive operations.

Action-Not Available
Vendor-total-softn/a
Product-responsive_polln/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-43976
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.70% / 48.81%
||
7 Day CHG~0.00%
Published-17 Jan, 2023 | 00:00
Updated-07 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. Direct access to the API is possible on TCP port 8888 via programs located in the cgi-bin folder without any authentication.

Action-Not Available
Vendor-gen/a
Product-ms_3000_firmwarems_3000n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-43110
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.62% / 45.18%
||
7 Day CHG~0.00%
Published-22 Aug, 2025 | 00:00
Updated-25 Aug, 2025 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system via an unspecified web interface. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password, view/change system configuration, enumerate connected UPS devices and shut down connected UPS devices. This extends to being able to configure operating system commands that should run if the system detects a connected UPS shutting down.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-425
Direct Request ('Forced Browsing')
CVE-2022-42785
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-1.00% / 58.60%
||
7 Day CHG~0.00%
Published-10 Nov, 2022 | 11:01
Updated-01 May, 2025 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wiesemann & Theis: Authentication bypass in Com-Server family

Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET Request.

Action-Not Available
Vendor-wutWiesemann & Theis
Product-com-server_20macom-server_highspeed_ulcom-server_highspeed_office_4port_firmwarecom-server_highspeed_poe_3x_isolatedcom-server_highspeed_isolatedcom-server_highspeed_industrycom-server_highspeed_industry_firmwarecom-server_highspeed_100basefx_firmwarecom-server_highspeed_100baselx_firmwarecom-server_highspeed_isolated_firmwarecom-server_highspeed_lc_firmwarecom-server_20ma_firmwarecom-server_highspeed_ul_firmwarecom-server_highspeed_19\"_1port_firmwarecom-server_highspeed_office_4portat-modem-emulatorcom-server_\+\+com-server_highspeed_100baselxcom-server_highspeed_office_1portcom-server_highspeed_100basefxcom-server_highspeed_oem_firmwarecom-server_highspeed_office_1port_firmwarecom-server_highspeed_poe_firmwarecom-server_\+\+_firmwarecom-server_highspeed_lccom-server_highspeed_poe_3x_isolated_firmwarecom-server_highspeed_oemcom-server_highspeed_19\"_4port_firmwarecom-server_highspeed_19\"_4portcom-server_highspeed_compact_firmwarecom-server_highspeed_poecom-server_highspeed_19\"_1portcom-server_highspeed_compactat-modem-emulator_firmwareCom-Server Highspeed OEMCom-Server ULCom-Server ++Com-Server Highspeed Office 4 PortCom-Server Highspeed 19" 4PortCom-Server Highspeed 100BaseFXCom-Server Highspeed CompactCom-Server 20mACom-Server PoE 3 x IsolatedCom-Server Highspeed IsolatedCom-Server Highspeed IndustryCom-Server Highspeed 100BaseLXCom-Server LCAT-Modem-EmulatorCom-Server Highspeed 19" 1PortCom-Server Highspeed Office 1 PortCom-Server Highspeed PoE
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-42970
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.71% / 49.10%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 00:00
Updated-05 Feb, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306: Missing Authentication for Critical Function The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261)

Action-Not Available
Vendor-Microsoft CorporationSchneider Electric SE
Product-windows_server_2016apc_easy_ups_online_monitoring_softwareeasy_ups_online_monitoring_softwarewindows_7windows_11windows_10windows_server_2022windows_server_2019Schneider Electric Easy UPS Online Monitoring SoftwareAPC Easy UPS Online Monitoring Software
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-4229
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.90% / 55.22%
||
7 Day CHG~0.00%
Published-30 Nov, 2022 | 00:00
Updated-14 Apr, 2025 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Book Store Management System index.php access control

A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0. This vulnerability affects unknown code of the file /bsms_ci/index.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214588.

Action-Not Available
Vendor-book_store_management_system_projectSourceCodester
Product-book_store_management_systemBook Store Management System
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-41331
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-1.27% / 66.40%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 16:06
Updated-23 Oct, 2024 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyFortiPresence
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-53378
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.6||HIGH
EPSS-0.65% / 46.58%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 18:58
Updated-03 Oct, 2025 | 00:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an unauthenticated attacker to remotely take control of the agent on affected installations. Also note: this vulnerability only affected the SaaS client version of WFBSS only, meaning the on-premise version of Worry-Free Business Security was not affected, and this issue was addressed in a WFBSS monthly maintenance update. Therefore no other customer action is required to mitigate if the WFBSS agents are on the regular SaaS maintenance deployment schedule and this disclosure is for informational purposes only.

Action-Not Available
Vendor-Trend Micro IncorporatedMicrosoft Corporation
Product-worry-free_business_security_serviceswindowsTrend Micro Worry-Free Business Security Services
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-45611
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.94% / 56.68%
||
7 Day CHG~0.00%
Published-22 Aug, 2023 | 00:00
Updated-27 Nov, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 allows attackers to gain escalated privileges via via capture of user login information.

Action-Not Available
Vendor-fresenius-kabin/a
Product-pharmahelppharmahelp_firmwaren/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2025-5310
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.3||CRITICAL
EPSS-0.73% / 49.68%
||
7 Day CHG~0.00%
Published-27 Jun, 2025 | 17:22
Updated-04 Sep, 2025 | 03:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dover Fueling Solutions ProGauge MagLink LX Consoles Missing Authentication for Critical Function

Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution.

Action-Not Available
Vendor-Dover Fueling Solutions
Product-ProGauge MagLink LX 4ProGauge MagLink LX PlusProGauge MagLink LX Ultimate
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-53118
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-9.8||CRITICAL
EPSS-29.37% / 97.95%
||
7 Day CHG~0.00%
Published-25 Aug, 2025 | 16:06
Updated-25 Aug, 2025 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Securden Unified PAM Authentication Bypass

An authentication bypass vulnerability exists which allows an unauthenticated attacker to control administrator backup functions, leading to compromise of passwords, secrets, and application session tokens stored by the Unified PAM.

Action-Not Available
Vendor-Securden
Product-Unified PAM
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-15113
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.43% / 34.78%
||
7 Day CHG~0.00%
Published-30 Dec, 2025 | 22:41
Updated-11 Mar, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ksenia Security lares Home Automation 1.6 Remote Code Execution via MPFS Upload

Ksenia Security lares (legacy model) Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system's web server.

Action-Not Available
Vendor-kseniasecurityKsenia Security S.p.A.
Product-lareslares_firmwarelares
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-40202
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.24% / 65.60%
||
7 Day CHG~0.00%
Published-31 Oct, 2022 | 19:35
Updated-16 Apr, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior lacks proper authentication. An attacker could provide malicious serialized objects which, when deserialized, could activate an opcode for a backup scheduling function without authentication. This function allows the user to designate all function arguments and the file to be executed. This could allow the attacker to start any new process and achieve remote code execution.

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-infrasuite_device_masterInfraSuite Device Master
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-4958
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.4||HIGH
EPSS-1.70% / 74.37%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 14:00
Updated-17 Sep, 2024 | 04:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. IBM X-Force ID: 192209.

Action-Not Available
Vendor-IBM Corporation
Product-security_identity_governance_and_intelligenceSecurity Identity Governance and Intelligence
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-38057
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-6.5||MEDIUM
EPSS-0.60% / 44.42%
||
7 Day CHG~0.00%
Published-25 Mar, 2024 | 11:36
Updated-28 Apr, 2026 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress TH Advance Product Search plugin <= 1.2.1 - Unauthenticated Plugin Settings Reset vulnerability

Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.2.1.

Action-Not Available
Vendor-themehunkThemeHunkthemehunk
Product-th_advance_product_searchAdvance WordPress Search Pluginadvanced_wordpress_search
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-862
Missing Authorization
CVE-2022-37109
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-49.20% / 98.74%
||
7 Day CHG~0.00%
Published-14 Nov, 2022 | 00:00
Updated-01 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when password.txt is accessed can be bypassed. Furthermore, it is not necessary to crack the password hash to authenticate with the application because the password hash is also used as the cookie secret, so an attacker can generate his own authentication cookie.

Action-Not Available
Vendor-camp_projectn/a
Product-campn/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2025-52095
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 23.99%
||
7 Day CHG~0.00%
Published-22 Aug, 2025 | 00:00
Updated-27 Jan, 2026 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the Credential encryption routines in SDCommon.dll

Action-Not Available
Vendor-pdqn/a
Product-smart_deployn/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-36983
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.5||HIGH
EPSS-4.69% / 90.68%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-18 Feb, 2025 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetSettings class. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15919.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-3674
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.51% / 39.85%
||
7 Day CHG~0.00%
Published-26 Oct, 2022 | 00:00
Updated-14 Apr, 2025 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Sanitization Management System missing authentication

A vulnerability has been found in SourceCodester Sanitization Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authentication. The attack can be launched remotely. The identifier VDB-212017 was assigned to this vulnerability.

Action-Not Available
Vendor-SourceCodesteroretnom23
Product-sanitization_management_systemSanitization Management System
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-35865
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.3||HIGH
EPSS-1.44% / 70.03%
||
7 Day CHG~0.00%
Published-03 Aug, 2022 | 15:21
Updated-02 Jun, 2026 | 14:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-16709.

Action-Not Available
Vendor-bmcBMC
Product-track-it\!Track-It!
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-35411
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-45.86% / 98.66%
||
7 Day CHG~0.00%
Published-08 Jul, 2022 | 18:07
Updated-03 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.

Action-Not Available
Vendor-rpc.py_projectn/a
Product-rpc.pyn/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-32519
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-8||HIGH
EPSS-0.47% / 37.46%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-data_center_expertData Center Expert
CWE ID-CWE-257
Storing Passwords in a Recoverable Format
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2025-52549
Matching Score-4
Assigner-dd59f033-460c-4b88-a075-d4d3fedb6191
ShareView Details
Matching Score-4
Assigner-dd59f033-460c-4b88-a075-d4d3fedb6191
CVSS Score-9.2||CRITICAL
EPSS-0.45% / 36.12%
||
7 Day CHG~0.00%
Published-02 Sep, 2025 | 11:26
Updated-01 Oct, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Predictable root linux password generation

E3 Site Supervisor Control (firmware version < 2.31F01) generates the root linux password on each boot. An attacker can generate the root linux password for a vulnerable device based on known or easy to fetch parameters.

Action-Not Available
Vendor-copelandCopeland LP
Product-site_supervisor_sf_860-1200site_supervisor_rxe_860-1225site_supervisor_rx_860-1220site_supervisor_cx_860-1260site_supervisor_bx_860-1240site_supervisor_cxe_860-1265e3_supervisory_controller_firmwaresite_supervisor_bxe_860-1245E3 Supervisory Control
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-32520
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-8||HIGH
EPSS-0.53% / 41.06%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-data_center_expertData Center Expert
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-32518
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-8||HIGH
EPSS-0.53% / 41.06%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32520. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-data_center_expertData Center Expert
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-3327
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-4.5||MEDIUM
EPSS-0.75% / 50.42%
||
7 Day CHG~0.00%
Published-19 Oct, 2022 | 00:00
Updated-09 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authentication for Critical Function in ikus060/rdiffweb

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.

Action-Not Available
Vendor-IKUS Software
Product-rdiffwebikus060/rdiffweb
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-5095
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.3||CRITICAL
EPSS-0.87% / 54.49%
||
7 Day CHG~0.00%
Published-08 Aug, 2025 | 17:24
Updated-08 Aug, 2025 | 20:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Burk Technology ARC Solo Missing Authentication for Critical Function

Burk Technology ARC Solo's password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the device. A password change request can be sent directly to the device's HTTP endpoint without providing valid credentials. The system does not enforce proper authentication or session validation, allowing the password change to proceed without verifying the request's legitimacy.

Action-Not Available
Vendor-Burk Technology
Product-ARC Solo
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-51543
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 25.76%
||
7 Day CHG~0.00%
Published-19 Aug, 2025 | 00:00
Updated-05 Jul, 2026 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's password via the /administrator/auth/reset_password endpoint.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-3229
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-9.8||CRITICAL
EPSS-66.35% / 99.19%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 22:52
Updated-25 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication, a remote, unauthenticated attacker can change or disable authentication requirements for the Unified Remote protocol, and leverage this now-unauthenticated access to run code of the attacker's choosing.

Action-Not Available
Vendor-unifiedremoteUnified Intents ABMicrosoft Corporation
Product-unified_remotewindowsUnified Remote
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-31887
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.47% / 70.66%
||
7 Day CHG~0.00%
Published-28 Jun, 2022 | 21:09
Updated-03 Aug, 2024 | 07:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker to change any user's password in the organization, this means that the user can also escalate achieve Privilege Escalation by changing the administrator password.

Action-Not Available
Vendor-marvalglobaln/a
Product-marval_msmn/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2026-8732
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-9.46% / 94.84%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 05:32
Updated-29 May, 2026 | 13:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmp_temp_access_ajax AJAX action being registered with wp_ajax_nopriv_ and protected only by a nonce check using the fc-call-nonce nonce, which is publicly embedded into every frontend page via wp_localize_script as the nonce field of the wpgmp_local JavaScript object, rendering the check ineffective as an access control mechanism. This makes it possible for unauthenticated attackers to invoke the wpgmp_temp_access_support handler with check_temp=false, which unconditionally creates a new WordPress user with the hardcoded role of administrator via wp_insert_user() and returns a magic login URL that, when visited, calls wp_set_auth_cookie() to fully authenticate the attacker as the newly created administrator, resulting in complete site takeover.

Action-Not Available
Vendor-flippercode
Product-WP Maps Pro
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-32251
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.10% / 61.81%
||
7 Day CHG+0.01%
Published-14 Jun, 2022 | 09:22
Updated-21 Apr, 2025 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-306
Missing Authentication for Critical Function
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 14
  • 15
  • Next
Details not found