Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2022-32251 Missing Authentication for Critical Function vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1).
network
low complexity
siemens CWE-306
critical
 9.8
9.8
2022-06-08 CVE-2022-1598 Missing Authentication for Critical Function vulnerability in 2Code Wpqa Builder 5.2
The WPQA Builder WordPress plugin before 5.5 which is a companion to the Discy and Himer , lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site.
network
low complexity
2code CWE-306
5.3
5.3
2022-06-03 CVE-2021-42893 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization through getSysStatusCfg.
network
low complexity
totolink CWE-306
7.5
7.5
2022-06-03 CVE-2021-42891 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization.
network
low complexity
totolink CWE-306
7.5
7.5
2022-06-03 CVE-2021-42889 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, wifiname, etc.) without authorization.
network
low complexity
totolink CWE-306
7.5
7.5
2022-06-02 CVE-2022-31461 Missing Authentication for Critical Function vulnerability in Owllabs Meeting OWL PRO Firmware 5.2.0.15
Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message.
low complexity
owllabs CWE-306
6.5
6.5
2022-06-02 CVE-2022-26971 Missing Authentication for Critical Function vulnerability in Barco Control Room Management Suite
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism.
network
low complexity
barco CWE-306
5.3
5.3
2022-05-26 CVE-2022-22576 Missing Authentication for Critical Function vulnerability in multiple products
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer.
network
low complexity
haxx debian netapp brocade splunk CWE-306
8.1
8.1
2022-05-25 CVE-2022-29402 Missing Authentication for Critical Function vulnerability in Tp-Link Tl-Wr840N Firmware
TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console.
low complexity
tp-link CWE-306
6.8
6.8
2022-05-24 CVE-2022-22309 Missing Authentication for Critical Function vulnerability in IBM Power System S922 Firmware
The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface.
low complexity
ibm CWE-306
6.8
6.8