Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-54103

Summary
Assigner-cisa-cg
Assigner Org ID-9119a7d8-5eab-497f-8521-727c672e3725
Published At-18 Jun, 2026 | 16:12
Updated At-22 Jun, 2026 | 12:32
Rejected At-
Credits

U.S. GAO EPDS and CBCA EDS unauthenticated password change

The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could change an arbitrary user's password.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisa-cg
Assigner Org ID:9119a7d8-5eab-497f-8521-727c672e3725
Published At:18 Jun, 2026 | 16:12
Updated At:22 Jun, 2026 | 12:32
Rejected At:
▼CVE Numbering Authority (CNA)
U.S. GAO EPDS and CBCA EDS unauthenticated password change

The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could change an arbitrary user's password.

Affected Products
Vendor
Government Accountability Office
Product
Electronic Protest Docketing System (EPDS)
Default Status
unknown
Versions
Affected
  • From 0 before 2026-02-22 (custom)
Unaffected
  • 2026-02-22
Vendor
Civilian Board of Contract Appeals
Product
Electronic Docketing System (EDS)
Default Status
affected
Versions
Affected
  • From 0 before 2026-03-19 (custom)
Unaffected
  • 2026-03-19
Problem Types
TypeCWE IDDescription
CWECWE-306CWE-306 Missing Authentication for Critical Function
Type: CWE
CWE ID: CWE-306
Description: CWE-306 Missing Authentication for Critical Function
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Blake Rash, CISA
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-169-01.json
N/A
https://www.cve.org/CVERecord?id=CVE-2026-54103
vdb-entry
https://epds.gao.gov/
product
https://www.eds.cbca.gov/login
product
Hyperlink: https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-169-01.json
Resource: N/A
Hyperlink: https://www.cve.org/CVERecord?id=CVE-2026-54103
Resource:
vdb-entry
Hyperlink: https://epds.gao.gov/
Resource:
product
Hyperlink: https://www.eds.cbca.gov/login
Resource:
product
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:9119a7d8-5eab-497f-8521-727c672e3725
Published At:18 Jun, 2026 | 17:16
Updated At:22 Jun, 2026 | 14:17

The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could change an arbitrary user's password.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
N/A
N/A
Type: Secondary
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-306Secondary9119a7d8-5eab-497f-8521-727c672e3725
CWE ID: CWE-306
Type: Secondary
Source: 9119a7d8-5eab-497f-8521-727c672e3725
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://epds.gao.gov/9119a7d8-5eab-497f-8521-727c672e3725
N/A
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-169-01.json9119a7d8-5eab-497f-8521-727c672e3725
N/A
https://www.cve.org/CVERecord?id=CVE-2026-541039119a7d8-5eab-497f-8521-727c672e3725
N/A
https://www.eds.cbca.gov/login9119a7d8-5eab-497f-8521-727c672e3725
N/A
Hyperlink: https://epds.gao.gov/
Source: 9119a7d8-5eab-497f-8521-727c672e3725
Resource: N/A
Hyperlink: https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-169-01.json
Source: 9119a7d8-5eab-497f-8521-727c672e3725
Resource: N/A
Hyperlink: https://www.cve.org/CVERecord?id=CVE-2026-54103
Source: 9119a7d8-5eab-497f-8521-727c672e3725
Resource: N/A
Hyperlink: https://www.eds.cbca.gov/login
Source: 9119a7d8-5eab-497f-8521-727c672e3725
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

663Records found

CVE-2020-25228
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-1.37% / 68.61%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access to this service. The system manual recommends to protect access to this port.

Action-Not Available
Vendor-Siemens AG
Product-logo\!_8_bmlogo\!_8_bm_firmwareLOGO! 8 BM (incl. SIPLUS variants)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-26143
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-87.56% / 99.73%
||
7 Day CHG~0.00%
Published-09 Mar, 2022 | 15:32
Updated-03 Nov, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.

Action-Not Available
Vendor-n/aMitel Networks Corp.
Product-micollabmivoice_business_expressn/aMiCollab, MiVoice Business Express
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2006-0062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.46% / 70.36%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 02:13
Updated-07 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.

Action-Not Available
Vendor-sillycyclen/a
Product-xlockmoren/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-41715
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 36.84%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 09:04
Updated-24 Sep, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authentication for Database Access in Web Application

The database for the web application is exposed without authentication, allowing an unauthenticated remote attacker to gain unauthorized access and potentially compromise it.

Action-Not Available
Vendor-WAGO
Product-Solution BuilderDevice Sphere
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2023-44116
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 30.11%
||
7 Day CHG~0.00%
Published-11 Oct, 2023 | 12:01
Updated-18 Sep, 2024 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of access permissions not being strictly verified in the APPWidget module.Successful exploitation of this vulnerability may cause some apps to run without being authorized.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUI
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-8364
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 22.21%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 19:38
Updated-29 May, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gladinet Triofox Missing Authentication for Critical Functions

Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache.

Action-Not Available
Vendor-Gladinet
Product-Triofox
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-61945
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-10||CRITICAL
EPSS-0.75% / 50.48%
||
7 Day CHG-0.01%
Published-04 Nov, 2025 | 16:10
Updated-12 Nov, 2025 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authentication for Critical Function in Radiometrics VizAir

Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAir system without authentication. Once inside, the attacker can modify critical weather parameters such as wind shear alerts, inversion depth, and CAPE values, which are essential for accurate weather forecasting and flight safety. This unauthorized access could result in the disabling of vital alerts, causing hazardous conditions for aircraft, and manipulating runway assignments, which could result in mid-air conflicts or runway incursions.

Action-Not Available
Vendor-radiometricsRadiometrics
Product-vizairVizAir
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-7415
Matching Score-4
Assigner-Austin Hackers Anonymous
ShareView Details
Matching Score-4
Assigner-Austin Hackers Anonymous
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 41.68%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 16:11
Updated-14 May, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open MQTT orchestration without read/write ACLs in Yarbo robot firmware

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization of any kind.

Action-Not Available
Vendor-yarboYarbo
Product-lawn_mowerlawn_mower_firmwarelawn_mower_prolawn_mower_pro_firmwareFirmware
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-61928
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.3||CRITICAL
EPSS-18.01% / 96.83%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 21:24
Updated-14 Oct, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Better Auth: Unauthenticated API key creation through api-key plugin

Better Auth is an authentication and authorization library for TypeScript. In versions prior to 1.3.26, unauthenticated attackers can create or modify API keys for any user by passing that user's id in the request body to the `api/auth/api-key/create` route. `session?.user ?? (authRequired ? null : { id: ctx.body.userId })`. When no session exists but `userId` is present in the request body, `authRequired` becomes false and the user object is set to the attacker-controlled ID. Server-only field validation only executes when `authRequired` is true (lines 280-295), allowing attackers to set privileged fields. No additional authentication occurs before the database operation, so the malicious payload is accepted. The same pattern exists in the update endpoint. This is a critical authentication bypass enabling full an unauthenticated attacker can generate an API key for any user and immediately gain complete authenticated access. This allows the attacker to perform any action as the victim user using the api key, potentially compromise the user data and the application depending on the victim's privileges. Version 1.3.26 contains a patch for the issue.

Action-Not Available
Vendor-better-auth
Product-better-auth
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-6274
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 36.66%
||
7 Day CHG~0.00%
Published-05 Jun, 2026 | 09:01
Updated-08 Jun, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass in DTS Electronics' Redline WR3200

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8.

Action-Not Available
Vendor-DTS Electronics Industry and Trade Ltd. Co.
Product-Redline WR3200
CWE ID-CWE-1390
Weak Authentication
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-24051
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.22% / 80.49%
||
7 Day CHG~0.00%
Published-21 Aug, 2020 | 14:23
Updated-04 Aug, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Moog EXO Series EXVF5C-2 and EXVP7C2-3 units support the ONVIF interoperability IP-based physical security protocol, which requires authentication for some of its operations. It was found that the authentication check for those ONVIF operations can be bypassed. An attacker can abuse this issue to execute privileged operations without authentication, for instance, to create a new Administrator user.

Action-Not Available
Vendor-moogn/a
Product-exvf5c-2exvf5c-2_firmwareexvp7c2-3exvp7c2-3_firmwaren/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-59695
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 41.81%
||
7 Day CHG+0.01%
Published-02 Dec, 2025 | 00:00
Updated-15 Dec, 2025 | 13:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is called F04.

Action-Not Available
Vendor-entrustn/a
Product-nshield_hsmi_firmwarenshield_connect_xc_highnshield_connect_xc_high_firmwarenshield_connect_xc_base_firmwarenshield_connect_xc_basenshield_hsminshield_connect_xc_mid_firmwarenshield_connect_xc_midnshield_5c_firmwarenshield_5cn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-5906
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.51% / 39.97%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 00:31
Updated-13 Jun, 2025 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
code-projects Laundry System data missing authentication

A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Source Code & Projects
Product-laundry_systemLaundry System
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18925
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.44% / 69.92%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 16:15
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.

Action-Not Available
Vendor-systematicn/a
Product-iris_webformsn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-57432
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.60% / 44.44%
||
7 Day CHG~0.00%
Published-22 Sep, 2025 | 00:00
Updated-14 Oct, 2025 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Blackmagic Web Presenter version 3.3 exposes a Telnet service on port 9977 that accepts unauthenticated commands. This service allows remote attackers to manipulate stream settings, including changing video modes and possibly altering device functionality. No credentials or authentication mechanisms are required to interact with the Telnet interface.

Action-Not Available
Vendor-blackmagicdesignn/a
Product-web_presenter_hd_firmwareweb_presenter_4kweb_presenter_hdweb_presenter_4k_firmwaren/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-26501
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.28% / 89.90%
||
7 Day CHG~0.00%
Published-17 Mar, 2022 | 20:28
Updated-03 Nov, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-01-03||Apply updates per vendor instructions.

Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).

Action-Not Available
Vendor-n/aVeeam Software Group GmbH
Product-veeam_backup_\&_replicationn/aBackup & Replication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18938
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-33.84% / 98.19%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:52
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn through 1.6.8.c installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the save.cgi script for payload upload and the testtcl.cgi script for its execution.

Action-Not Available
Vendor-hm_email_projecteq-3n/a
Product-homematic_ccu2_firmwarehm_emailhomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18939
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-40.78% / 98.48%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:53
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.

Action-Not Available
Vendor-eq-3hm-print_projectn/a
Product-homematic_ccu2_firmwarehm-printhomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-55583
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.83% / 92.26%
||
7 Day CHG~0.00%
Published-28 Aug, 2025 | 00:00
Updated-09 Sep, 2025 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command injection vulnerability in the fileaccess.cgi component. The endpoint /dws/api/UploadFile accepts a pre_api_arg parameter that is passed directly to system-level shell execution functions without sanitization or authentication. Remote attackers can exploit this to execute arbitrary commands as root via crafted HTTP requests.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-868l_firmwaredir-868ln/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41651
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 39.85%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 08:38
Updated-28 May, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Weidmueller: Missing Authentication Vulnerability in Industrial Ethernet Switches

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise.

Action-Not Available
Vendor-Weidmueller
Product-IE-SW-VL08MT-6TX-2STIE-SW-PL10MT-3GT-7TXIE-SW-PL18MT-2GC-16TXIE-SW-VL08MT-6TX-2SCSIE-SW-VL08MT-8TXIE-SW-PL16MT-16TXIE-SW-PL10M-3GT-7TXIE-SW-VL05MT-5TXIE-SW-PL16M-16TXIE-SW-VL08MT-6TX-2SCIE-SW-VL05M-5TXIE-SW-VL08MT-5TX-1SC-2SCSIE-SW-PL18M-2GC-16TX
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-19104
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-9.1||CRITICAL
EPSS-1.37% / 68.64%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 14:31
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Improper Authentication and Access Control

The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue allows obtaining sensitive information that may aid in further attacks and privilege escalation.

Action-Not Available
Vendor-Busch-Jaeger (ABB)ABB
Product-6186\/11_firmware6186\/11tg\/s3.2tg\/s3.2_firmware6186/11 Telefon-Gateway TG/S 3.2 Telephone Gateway
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-40736
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.40% / 32.09%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an unauthenticated attacker to reset the superadmin password and gain full control of the application (ZDI-CAN-26569).

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-40765
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.51% / 39.59%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 09:15
Updated-21 Oct, 2025 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 < V3.1.2.3). The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic V3.1
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18937
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-33.84% / 98.19%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:50
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser AddOn through 1.8 installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi script, which executes TCL script content from an HTTP POST request.

Action-Not Available
Vendor-scriptparser_projecteq-3n/a
Product-homematic_ccu2_firmwarescriptparserhomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2023-42793
Matching Score-4
Assigner-JetBrains s.r.o.
ShareView Details
Matching Score-4
Assigner-JetBrains s.r.o.
CVSS Score-9.8||CRITICAL
EPSS-99.98% / 99.98%
||
7 Day CHG~0.00%
Published-19 Sep, 2023 | 16:57
Updated-24 Oct, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-25||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible

Action-Not Available
Vendor-JetBrains s.r.o.
Product-teamcityTeamCityTeamCity
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-1895
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.28% / 81.04%
||
7 Day CHG~0.00%
Published-07 Aug, 2019 | 20:55
Updated-19 Nov, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software VNC Authentication Bypass Vulnerability

A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to access the VNC console session of an administrative user on an affected device. The vulnerability is due to an insufficient authentication mechanism used to establish a VNC session. An attacker could exploit this vulnerability by intercepting an administrator VNC session request prior to login. A successful exploit could allow the attacker to watch the administrator console session or interact with it, allowing admin access to the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_network_function_virtualization_infrastructureCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-12720
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-88.95% / 99.76%
||
7 Day CHG~0.00%
Published-07 May, 2020 | 23:52
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.

Action-Not Available
Vendor-vbulletinn/a
Product-vbulletinn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-40771
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.48% / 38.25%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 09:15
Updated-14 Oct, 2025 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.4.24), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.4.24), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.4.24), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.4.24), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.4.24), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.4.24). Affected devices do not properly authenticate configuration connections. This could allow an unauthenticated remote attacker to access the configuration data.

Action-Not Available
Vendor-Siemens AG
Product-SIPLUS ET 200SP CP 1542SP-1 IRC TX RAILSIMATIC CP 1543SP-1SIMATIC CP 1542SP-1SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAILSIPLUS ET 200SP CP 1543SP-1 ISECSIMATIC CP 1542SP-1 IRC
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-4019
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.60% / 44.46%
||
7 Day CHG+0.02%
Published-28 Apr, 2025 | 12:00
Updated-10 Oct, 2025 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
20120630 Novel-Plus GeneratorController.java genCode missing authentication

A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-xxyopen20120630
Product-novel-plusNovel-Plus
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-53037
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 34.37%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:02
Updated-23 Oct, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in takeover of Oracle Financial Services Analytical Applications Infrastructure. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-financial_services_analytical_applications_infrastructureOracle Financial Services Analytical Applications Infrastructure
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18339
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-2.65% / 83.79%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The HTTP service (default port 5401/tcp) of the SiVMS/SiNVR Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network access to the Video Server could exploit this vulnerability to read the SiVMS/SiNVR users database, including the passwords of all users in obfuscated cleartext.

Action-Not Available
Vendor-Siemens AG
Product-sinvr_3_video_serversinvr_3_central_control_serverSiNVR/SiVMS Video Server
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-5310
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.3||CRITICAL
EPSS-0.73% / 49.65%
||
7 Day CHG~0.00%
Published-27 Jun, 2025 | 17:22
Updated-04 Sep, 2025 | 03:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dover Fueling Solutions ProGauge MagLink LX Consoles Missing Authentication for Critical Function

Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution.

Action-Not Available
Vendor-Dover Fueling Solutions
Product-ProGauge MagLink LX 4ProGauge MagLink LX PlusProGauge MagLink LX Ultimate
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18284
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-2.03% / 78.65%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change user passwords. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_application_serverSPPA-T3000 Application Server
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-53072
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 46.72%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:03
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in takeover of Oracle Marketing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-marketingOracle Marketing
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-5192
Matching Score-4
Assigner-ZUSO Advanced Research Team (ZUSO ART)
ShareView Details
Matching Score-4
Assigner-ZUSO Advanced Research Team (ZUSO ART)
CVSS Score-9.3||CRITICAL
EPSS-0.44% / 35.64%
||
7 Day CHG~0.00%
Published-06 Jun, 2025 | 09:15
Updated-04 Feb, 2026 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Soar Cloud HRD Human Resource Management System - Missing Authentication for Critical Function

A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions.

Action-Not Available
Vendor-scshrSoar Cloud System CO., LTD.
Product-hr_portalHRD Human Resource Management System
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-5095
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.3||CRITICAL
EPSS-0.87% / 54.47%
||
7 Day CHG~0.00%
Published-08 Aug, 2025 | 17:24
Updated-08 Aug, 2025 | 20:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Burk Technology ARC Solo Missing Authentication for Critical Function

Burk Technology ARC Solo's password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the device. A password change request can be sent directly to the device's HTTP endpoint without providing valid credentials. The system does not enforce proper authentication or session validation, allowing the password change to proceed without verifying the request's legitimacy.

Action-Not Available
Vendor-Burk Technology
Product-ARC Solo
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-49652
Matching Score-4
Assigner-HiddenLayer, Inc.
ShareView Details
Matching Score-4
Assigner-HiddenLayer, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 29.45%
||
7 Day CHG~0.00%
Published-09 Jun, 2025 | 17:26
Updated-12 Jun, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper access control allows arbitrary account creation

Missing Authentication in the registration feature of Lablup's BackendAI allows arbitrary users to create user accounts that can access private data even when registration is disabled.

Action-Not Available
Vendor-Lablup
Product-BackendAI
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18572
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.3||HIGH
EPSS-1.99% / 78.23%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 20:50
Updated-16 Sep, 2024 | 22:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. A Java JMX agent running on the remote host is configured with plain text password authentication. An unauthenticated remote attacker can connect to the JMX agent and monitor and manage the Java application.

Action-Not Available
Vendor-Dell Inc.
Product-rsa_identity_governance_and_lifecycleRSA Identity Governance & Lifecycle
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-17506
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-57.30% / 98.95%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 19:29
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-817lw_a1_firmwaredir-868l_b1dir-868l_b1_firmwaredir-817lw_a1n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-10640
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-10||CRITICAL
EPSS-2.99% / 85.67%
||
7 Day CHG~0.00%
Published-24 Feb, 2022 | 18:50
Updated-16 Apr, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ICSA-20-140-02 Emerson OpenEnterprise

Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific communication service.

Action-Not Available
Vendor-emersonEmerson
Product-openenterprise_scada_serverOpenEnterprise SCADA Software
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18666
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.19% / 86.53%
||
7 Day CHG~0.00%
Published-15 May, 2020 | 17:18
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested. Versions through 6.12b01 have weak root credentials, allowing an attacker to gain remote root access. After 6.12b01, the root credentials were changed but the telnet service can still be started without authorization.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dap-1360_revision_f_firmwaredap-1360_revision_fn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-3699
Matching Score-4
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-4
Assigner-Mitsubishi Electric Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.09% / 61.30%
||
7 Day CHG~0.00%
Published-26 Jun, 2025 | 22:40
Updated-23 Dec, 2025 | 03:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation G-50 all versions, G-50-W all versions, G-50A all versions, GB-50 all versions, GB-50A all versions, GB-24A all versions, G-150AD all versions, AG-150A-A all versions, AG-150A-J all versions, GB-50AD all versions, GB-50ADA-A all versions, GB-50ADA-J all versions, EB-50GU-A all versions, EB-50GU-J all versions, AE-200J all versions, AE-200A all versions, AE-200E all versions, AE-50J all versions, AE-50A all versions, AE-50E all versions, EW-50J all versions, EW-50A all versions, EW-50E all versions, TE-200A all versions, TE-50A all versions, TW-50A all versions, and CMS-RMD-J all versions allows a remote unauthenticated attacker to bypass authentication and then control the air conditioning systems illegally, or disclose information in them by exploiting this vulnerability. In addition, the attacker may tamper with firmware for them using the disclosed information.

Action-Not Available
Vendor-Mitsubishi Electric Corporation
Product-AG-150A-JAE-50EGB-50ADEW-50JTW-50AEB-50GU-AGB-24AAE-200JGB-50ADA-JAE-50JEB-50GU-JAE-200AEW-50EAE-50AG-150ADTE-50ATE-200AEW-50AAG-150A-AGB-50ADA-AAE-200EGB-50AGB-50G-50CMS-RMD-JG-50AG-50-W
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-35051
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
CVSS Score-7.7||HIGH
EPSS-0.77% / 51.15%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 20:19
Updated-26 Apr, 2026 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Newforma Project Center Server (NPCS) .NET unauthenticated deserialization

Newforma Project Center Server (NPCS) accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS endpoint is only accessible on an internal network. To mitigate this vulnerability, restrict network access to NPCS.

Action-Not Available
Vendor-newformaNewforma
Product-project_centerProject Center
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-34089
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-1.39% / 68.96%
||
7 Day CHG~0.00%
Published-03 Jul, 2025 | 19:47
Updated-15 May, 2026 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote for Mac Unauthenticated Remote Code Execution via AppleScript Injection

An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote control utility developed by Aexol Studio, in versions up to and including 2025.7. When the application is configured with authentication disabled (i.e., the "Allow unknown devices" option is enabled), the /api/executeScript endpoint is exposed without access control. This allows unauthenticated remote attackers to inject arbitrary AppleScript payloads via the X-Script HTTP header, resulting in code execution using do shell script. Successful exploitation grants attackers the ability to run arbitrary commands on the macOS host with the privileges of the Remote for Mac background process.

Action-Not Available
Vendor-Aexol Studio
Product-Remote for Mac
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-35050
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
CVSS Score-9.3||CRITICAL
EPSS-0.84% / 53.39%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 20:19
Updated-09 Jan, 2026 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Newforma Info Exchange (NIX) .NET unauthenticated deserialization

Newforma Info Exchange (NIX) accepts serialized .NET data via the '/remoteweb/remote.rem' endpoint, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. The vulnerable endpoint is used by Newforma Project Center Server (NPCS), so a compromised NIX system can be used to attack an associated NPCS system. To mitigate this vulnerability, restrict network access to the '/remoteweb/remote.rem' endpoint, for example using the IIS URL Rewrite Module.

Action-Not Available
Vendor-newformaNewforma
Product-project_centerProject Center
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-34216
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-10||CRITICAL
EPSS-0.76% / 50.75%
||
7 Day CHG~0.00%
Published-29 Sep, 2025 | 20:39
Updated-15 May, 2026 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vasion Print (formerly PrinterLogic) RCE and Password Leaks via API

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 (VA deployments only) expose a set of unauthenticated REST API endpoints that return configuration files and clear‑text passwords. The same endpoints also disclose the Laravel APP_KEY used for cryptographic signing. Because the APP_KEY is required to generate valid signed requests, an attacker who obtains it can craft malicious payloads that are accepted by the application and achieve remote code execution on the appliance. This vulnerability has been identified by the vendor as: V-2024-018 — RCE & Leaks via API.

Action-Not Available
Vendor-vasionVasion
Product-virtual_appliance_applicationvirtual_appliance_hostPrint Virtual Appliance HostPrint Application
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2025-3461
Matching Score-4
Assigner-Austin Hackers Anonymous
ShareView Details
Matching Score-4
Assigner-Austin Hackers Anonymous
CVSS Score-9.1||CRITICAL
EPSS-0.50% / 39.33%
||
7 Day CHG~0.00%
Published-08 Jun, 2025 | 21:02
Updated-13 Jan, 2026 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ON Semiconductor Quantenna Telnet Missing Authentication

The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.

Action-Not Available
Vendor-onsemiON Semiconductor
Product-qd840qhs710_firmwareqcs-ax2-t8qv840cqhs710qcs-ax3-t8_firmwareqv840c_firmwareqv940_firmwareqv942cqcs-ax2-s5qcs-ax3-t12_firmwareqv952cqsr10gaqcs-ax2-s5_firmwareqcs-ax2-a12_firmwareqcs-ax3-s5qcs-ax2-t12_firmwareqcs-ax3-s5_firmwareqv940qv840qsr10guqcs-ax3-t12qd840_firmwareqcs-ax3-a12qv840_firmwareqcs-ax2-t12qcs-ax2-a12qcs-ax3-a12_firmwareqsr10ga_firmwareqv952c_firmwareqsr10gu_firmwareqv942c_firmwareqv860_firmwareqv860qcs-ax3-t8qcs-ax2-t8_firmwareQuantenna Wi-Fi chipset
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-34102
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-6.77% / 93.19%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 19:16
Updated-07 Apr, 2026 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CryptoLog Unauthenticated RCE via SQL Injection and Command Injection

A remote code execution vulnerability exists in CryptoLog (PHP version, discontinued since 2009) due to a chained exploitation of SQL injection and command injection vulnerabilities. An unauthenticated attacker can gain shell access as the web server user by first exploiting a SQL injection flaw in login.php to bypass authentication, followed by command injection in logshares_ajax.php to execute arbitrary operating system commands. The login bypass is achieved by submitting crafted SQL via the user POST parameter. Once authenticated, the attacker can abuse the lsid POST parameter in the logshares_ajax.php endpoint to inject and execute a command using $(...) syntax, resulting in code execution under the web context. This exploitation path does not exist in the ASP.NET version of CryptoLog released since 2009.

Action-Not Available
Vendor-Crypttech
Product-CryptoLog
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-18465
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.49% / 70.90%
||
7 Day CHG~0.00%
Published-31 Oct, 2019 | 16:11
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow an attacker to sign in without full credentials via the SSH (SFTP) interface. The vulnerability affects only certain SSH (SFTP) configurations, and is applicable only if the MySQL database is being used.

Action-Not Available
Vendor-n/aIpswitch, Inc.
Product-moveit_transfern/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-34434
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.41% / 33.33%
||
7 Day CHG~0.00%
Published-17 Dec, 2025 | 19:49
Updated-23 Jun, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AVideo < 20.1 ImageGallery Plugin Unauthenticated File Upload and Deletion

AVideo versions prior to 20.1 with the ImageGallery plugin enabled is vulnerable to unauthenticated file upload and deletion. Plugin endpoints responsible for managing gallery images fail to enforce authentication checks and do not validate ownership, allowing unauthenticated attackers to upload or delete images associated with any image-based video.

Action-Not Available
Vendor-wwbnWorld Wide Broadcast Network
Product-avideoAVideo
CWE ID-CWE-306
Missing Authentication for Critical Function
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 13
  • 14
  • Next
Details not found