Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-21 | CVE-2020-21934 | Missing Authentication for Critical Function vulnerability in Motorola CX2 Firmware 1.0.2 An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed. | 7.5 |
| 2021-07-21 | CVE-2020-21936 | Missing Authentication for Critical Function vulnerability in Motorola CX2 Firmware 1.0.2 An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication. | 5.3 |
| 2021-07-21 | CVE-2021-22772 | Missing Authentication for Critical Function vulnerability in Schneider-Electric T200E Firmware, T200I Firmware and T200P Firmware A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 ((Modbus) SC2-04MOD-07000100 and earlier), Easergy T200 ((IEC104) SC2-04IEC-07000100 and earlier), and Easergy T200 ((DNP3) SC2-04DNP-07000102 and earlier) that could cause unauthorized operation when authentication is bypassed. | 9.8 |
| 2021-07-07 | CVE-2021-20474 | Missing Authentication for Critical Function vulnerability in IBM Guardium Data Encryption 3.0.0.2/4.0.0.4 IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. | 7.5 |
| 2021-07-07 | CVE-2021-33221 | Missing Authentication for Critical Function vulnerability in Commscope Ruckus IOT Controller 1.7.1.0 An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 9.8 |
| 2021-07-07 | CVE-2021-34621 | Missing Authentication for Critical Function vulnerability in Properfraction Profilepress A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth.php file of the ProfilePress WordPress plugin made it possible for users to register on sites as an administrator. | 9.8 |
| 2021-06-30 | CVE-2021-20107 | Missing Authentication for Critical Function vulnerability in Sloan products There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. | 5.4 |
| 2021-06-29 | CVE-2021-35941 | Missing Authentication for Critical Function vulnerability in Westerndigital products Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an administrator API that can perform a system factory restore without authentication, as exploited in the wild in June 2021, a different vulnerability than CVE-2018-18472. | 7.5 |
| 2021-06-24 | CVE-2021-33346 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-2888A Firmware There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. | 9.8 |
| 2021-06-21 | CVE-2020-20472 | Missing Authentication for Critical Function vulnerability in White Shark Systems Project White Shark Systems 1.3.2 White Shark System (WSS) 1.3.2 has a sensitive information disclosure vulnerability. | 5.3 |