Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-07 | CVE-2019-12505 | Missing Authentication for Critical Function vulnerability in Inateck Wp1001 Firmware 1.3C Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP1001 v1.3C is prone to keystroke injection attacks. | 8.3 |
2019-06-06 | CVE-2019-11523 | Missing Authentication for Critical Function vulnerability in Anviz M3 Firmware Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. | 7.5 |
2019-06-06 | CVE-2019-6451 | Missing Authentication for Critical Function vulnerability in Soyal Ar-727H Firmware and Ar-829Ev5 Firmware On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access. | 7.5 |
2019-05-31 | CVE-2019-10046 | Missing Authentication for Critical Function vulnerability in Pydio 8.2.2 An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including session timeout, libraries, and license information. | 5.0 |
2019-05-31 | CVE-2019-9871 | Missing Authentication for Critical Function vulnerability in Jector Fm-K75 Firmware Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with root permission. | 10.0 |
2019-05-31 | CVE-2019-12500 | Missing Authentication for Critical Function vulnerability in MI M365 Firmware The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of "suddenly accelerate" commands. | 3.3 |
2019-05-29 | CVE-2019-6958 | Missing Authentication for Critical Function vulnerability in Bosch products A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). | 9.1 |
2019-05-23 | CVE-2019-12289 | Missing Authentication for Critical Function vulnerability in Vstracam C38S Firmware and C7824Wip Firmware An issue was discovered in upgrade_firmware.cgi on VStarcam 100T (C7824WIP) CH-sys-48.53.75.119~123 and 200V (C38S) CH-sys-48.53.203.119~123 devices. | 10.0 |
2019-05-23 | CVE-2019-12288 | Missing Authentication for Critical Function vulnerability in multiple products An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V (C38S) KR203.18.1.20 devices. | 7.5 |
2019-05-22 | CVE-2019-6808 | Missing Authentication for Critical Function vulnerability in Schneider-Electric products A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus. | 7.5 |