Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-17 | CVE-2021-44261 | Missing Authentication for Critical Function vulnerability in Netgear products A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. | 5.3 |
| 2022-03-17 | CVE-2021-44262 | Missing Authentication for Critical Function vulnerability in Netgear products A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. | 7.5 |
| 2022-03-16 | CVE-2022-25247 | Missing Authentication for Critical Function vulnerability in PTC Axeda Agent and Axeda Desktop Server Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain commands to a specific port without authentication. | 9.8 |
| 2022-03-16 | CVE-2022-25250 | Missing Authentication for Critical Function vulnerability in PTC Axeda Agent and Axeda Desktop Server When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send a certain command to a specific port without authentication. | 7.5 |
| 2022-03-16 | CVE-2022-25251 | Missing Authentication for Critical Function vulnerability in PTC Axeda Agent and Axeda Desktop Server When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication. | 9.8 |
| 2022-03-11 | CVE-2021-33658 | Missing Authentication for Critical Function vulnerability in Huawei Atune 0.3/0.8 atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. | 7.8 |
| 2022-03-11 | CVE-2022-25508 | Missing Authentication for Critical Function vulnerability in Freetakserver-Ui Project Freetakserver-Ui 1.9.8 An access control issue in the component /ManageRoute/postRoute of FreeTAKServer v1.9.8 allows unauthenticated attackers to cause a Denial of Service (DoS) via an unusually large amount of created routes, or create unsafe or false routes for legitimate users. | 7.5 |
| 2022-03-10 | CVE-2022-25922 | Missing Authentication for Critical Function vulnerability in Hegemonelectronics Plc4Trucks Firmware J2497 Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. | 9.1 |
| 2022-03-10 | CVE-2022-26143 | Missing Authentication for Critical Function vulnerability in Mitel Micollab and Mivoice Business Express The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). | 9.8 |
| 2022-03-10 | CVE-2022-24396 | Missing Authentication for Critical Function vulnerability in SAP Simple Diagnostics Agent The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any authentication checks for functionalities that can be accessed via localhost on http port 3005. | 7.8 |