Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-07 | CVE-2020-10973 | Missing Authentication for Critical Function vulnerability in Wavlink products An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password. | 5.0 |
| 2020-05-01 | CVE-2020-12117 | Missing Authentication for Critical Function vulnerability in Moxa Nport 5100A Firmware 1.5 Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800. | 5.0 |
| 2020-04-30 | CVE-2020-11028 | Missing Authentication for Critical Function vulnerability in multiple products In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. | 4.3 |
| 2020-04-29 | CVE-2019-5620 | Missing Authentication for Critical Function vulnerability in Hitachienergy Microscada PRO Sys600 9.3 ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function. | 9.8 |
| 2020-04-28 | CVE-2020-10641 | Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Gateway An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. | 5.0 |
| 2020-04-27 | CVE-2020-12266 | Missing Authentication for Critical Function vulnerability in Wavlink products An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. | 5.0 |
| 2020-04-24 | CVE-2020-5870 | Missing Authentication for Critical Function vulnerability in F5 Big-Iq Centralized Management In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization mechanisms do not use any form of authentication for connecting to the peer. | 4.8 |
| 2020-04-23 | CVE-2018-21132 | Missing Authentication for Critical Function vulnerability in Netgear Wac505 Firmware and Wac510 Firmware Certain NETGEAR devices are affected by authentication bypass. | 7.5 |
| 2020-04-22 | CVE-2020-11649 | Missing Authentication for Critical Function vulnerability in Gitlab An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. | 4.0 |
| 2020-04-22 | CVE-2019-19104 | Missing Authentication for Critical Function vulnerability in multiple products The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. | 7.5 |