Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-30 | CVE-2021-23147 | Improper Authentication vulnerability in Netgear R6700 Firmware 1.0.4.120 Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. | 6.8 |
| 2021-12-30 | CVE-2021-45379 | Improper Authentication vulnerability in Glewlwyd Project Glewlwyd Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. | 8.8 |
| 2021-12-27 | CVE-2021-45890 | Improper Authentication vulnerability in Authguard Project Authguard basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive identifier. | 9.8 |
| 2021-12-22 | CVE-2021-21902 | Improper Authentication vulnerability in Garrett IC Module CMA 5.0 An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. | 8.1 |
| 2021-12-22 | CVE-2021-21952 | Improper Authentication vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. | 9.8 |
| 2021-12-21 | CVE-2021-36350 | Improper Authentication vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. | 7.5 |
| 2021-12-20 | CVE-2021-44525 | Improper Authentication vulnerability in Zohocorp Manageengine Pam360 Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required. | 9.8 |
| 2021-12-20 | CVE-2021-44675 | Improper Authentication vulnerability in Zohocorp Manageengine Servicedesk Plus MSP 10.5 Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required. | 9.8 |
| 2021-12-20 | CVE-2021-44676 | Improper Authentication vulnerability in Zohocorp Manageengine Access Manager Plus 4.1/4.2 Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state. | 9.8 |
| 2021-12-17 | CVE-2021-40851 | Improper Authentication vulnerability in Tcman GIM 11.0/8.0 TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in /PC/WebService.asmx. | 7.5 |