Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2022-03-17 CVE-2021-44259 Missing Authentication for Critical Function vulnerability in Wavlink Wl-Wn531G3 Firmware A42W1.27.620180418
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication.
network
low complexity
wavlink CWE-306
critical
9.8
2022-03-17 CVE-2021-44260 Missing Authentication for Critical Function vulnerability in Wavlink Wl-Wn531G3 Firmware A42W1.27.620180418
A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication.
network
low complexity
wavlink CWE-306
7.5
2022-03-17 CVE-2021-44261 Missing Authentication for Critical Function vulnerability in Netgear products
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication.
network
low complexity
netgear CWE-306
5.3
2022-03-17 CVE-2021-44262 Missing Authentication for Critical Function vulnerability in Netgear products
A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication.
network
low complexity
netgear CWE-306
7.5
2022-03-16 CVE-2022-25247 Missing Authentication for Critical Function vulnerability in PTC Axeda Agent and Axeda Desktop Server
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain commands to a specific port without authentication.
network
low complexity
ptc CWE-306
critical
9.8
2022-03-16 CVE-2022-25250 Missing Authentication for Critical Function vulnerability in PTC Axeda Agent and Axeda Desktop Server
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send a certain command to a specific port without authentication.
network
low complexity
ptc CWE-306
7.5
2022-03-16 CVE-2022-25251 Missing Authentication for Critical Function vulnerability in PTC Axeda Agent and Axeda Desktop Server
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication.
network
low complexity
ptc CWE-306
critical
9.8
2022-03-11 CVE-2021-33658 Missing Authentication for Critical Function vulnerability in Huawei Atune 0.3/0.8
atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file.
local
low complexity
huawei CWE-306
7.8
2022-03-11 CVE-2022-25508 Missing Authentication for Critical Function vulnerability in Freetakserver-Ui Project Freetakserver-Ui 1.9.8
An access control issue in the component /ManageRoute/postRoute of FreeTAKServer v1.9.8 allows unauthenticated attackers to cause a Denial of Service (DoS) via an unusually large amount of created routes, or create unsafe or false routes for legitimate users.
network
low complexity
freetakserver-ui-project CWE-306
7.5
2022-03-10 CVE-2022-25922 Missing Authentication for Critical Function vulnerability in Hegemonelectronics Plc4Trucks Firmware J2497
Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages.
network
low complexity
hegemonelectronics CWE-306
critical
9.1