Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-02	CVE-2022-31176	Missing Authentication for Critical Function vulnerability in Grafana Grafana-Image-Renderer Grafana Image Renderer is a Grafana backend plugin that handles rendering of panels & dashboards to PNGs using a headless browser (Chromium/Chrome). network low complexity grafana CWE-306	8.1
2022-09-01	CVE-2022-36604	Missing Authentication for Critical Function vulnerability in Canaan Avalon Asic Miner Firmware 2020.3.30 An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request. network low complexity canaan CWE-306	7.5
2022-08-31	CVE-2022-36619	Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.10Cnb04 In D-link DIR-816 A2_v1.10CNB04.img,the network can be reset without authentication via /goform/setMAC. network low complexity dlink CWE-306	7.5
2022-08-31	CVE-2022-30317	Missing Authentication for Critical Function vulnerability in Honeywell Experion LX Firmware Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. network low complexity honeywell CWE-306 critical	9.1
2022-08-29	CVE-2022-37680	Missing Authentication for Critical Function vulnerability in Hitachi Hc-Ip9100Hd Firmware 1.07 An improper authentication for critical function issue in Hitachi Kokusai Electric Network products for monitoring system (Camera, Decoder and Encoder) and bellow allows attckers to remotely reboot the device via a crafted POST request to the endpoint /ptipupgrade.cgi. network low complexity hitachi CWE-306	7.5
2022-08-26	CVE-2022-36521	Missing Authentication for Critical Function vulnerability in Cskefu 7.0.1 Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts. network low complexity cskefu CWE-306	7.5
2022-08-23	CVE-2022-35733	Missing Authentication for Critical Function vulnerability in Unimo products Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders (UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier) allows a remote unauthenticated attacker to execute an arbitrary OS command by sending a specially crafted request to the affected device web interface. network low complexity unimo CWE-306 critical	9.8
2022-08-22	CVE-2022-34858	Missing Authentication for Critical Function vulnerability in Miniorange Oauth 2.0 Client for SSO Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress. network low complexity miniorange CWE-306 critical	9.8
2022-08-18	CVE-2022-37062	Missing Authentication for Critical Function vulnerability in Flir AX8 Firmware All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. network low complexity flir CWE-306	7.5
2022-08-17	CVE-2022-35122	Missing Authentication for Critical Function vulnerability in Ecowitt Gw1100 Firmware An access control issue in Ecowitt GW1100 Series Weather Stations <=GW1100B_v2.1.5 allows unauthenticated attackers to access sensitive information including device and local WiFi passwords. network low complexity ecowitt CWE-306 critical	9.1