Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-29 | CVE-2020-14140 | Missing Authentication for Critical Function vulnerability in MI Xiaomi Router Firmware When Xiaomi router firmware is updated in 2020, there is an unauthenticated API that can reveal WIFI password vulnerability. | 7.5 |
| 2023-03-27 | CVE-2022-48291 | Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos The Bluetooth module has an authentication bypass vulnerability in the pairing process. | 6.5 |
| 2023-03-27 | CVE-2023-1140 | Missing Authentication for Critical Function vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability that could allow an attacker to achieve unauthenticated remote code execution in the context of an administrator. | 9.8 |
| 2023-03-23 | CVE-2023-28470 | Missing Authentication for Critical Function vulnerability in Couchbase Server In Couchbase Server 5 through 7 before 7.1.4, the nsstats endpoint is accessible without authentication. | 5.3 |
| 2023-03-10 | CVE-2023-27532 | Missing Authentication for Critical Function vulnerability in Veeam Backup & Replication 11.0.1.1261/12.0.0.1420 Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. | 7.5 |
| 2023-03-03 | CVE-2022-45551 | Missing Authentication for Critical Function vulnerability in ZBT We1626 Firmware 21.06.18 An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint. | 9.8 |
| 2023-02-28 | CVE-2023-20857 | Missing Authentication for Critical Function vulnerability in VMWare Workspace ONE Content 3.20/3.20.1/3.21 VMware Workspace ONE Content contains a passcode bypass vulnerability. | 6.8 |
| 2023-02-20 | CVE-2023-23452 | Missing Authentication for Critical Function vulnerability in Sick Fx0-Gpnt00000 Firmware and Fx0-Gpnt00010 Firmware Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000. | 9.8 |
| 2023-02-20 | CVE-2023-23453 | Missing Authentication for Critical Function vulnerability in Sick Fx0-Gent00000 Firmware and Fx0-Gent00010 Firmware Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000. | 9.8 |
| 2023-02-20 | CVE-2022-44216 | Missing Authentication for Critical Function vulnerability in SIR Gnuboard 5.5.4/5.5.5 Gnuboard 5.5.4 and 5.5.5 is vulnerable to Insecure Permissions. | 7.5 |