Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-11 | CVE-2019-9974 | Missing Authentication for Critical Function vulnerability in Dasannetworks H660Rm Firmware 1.030022 diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack. | 6.4 |
2019-04-10 | CVE-2019-10946 | Missing Authentication for Critical Function vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.5. | 5.0 |
2019-04-09 | CVE-2019-3941 | Missing Authentication for Critical Function vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via IOCTL 10005 RPC. | 6.4 |
2019-03-28 | CVE-2019-6542 | Missing Authentication for Critical Function vulnerability in Enttec products ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060)_update_05032019-482 allows an unauthenticated user to initiate a remote reboot, which may be used to cause a denial of service condition. | 7.5 |
2019-03-25 | CVE-2019-7642 | Missing Authentication for Critical Function vulnerability in Dlink products D-Link routers with the mydlink feature have some web interfaces without authentication requirements. | 5.0 |
2019-03-25 | CVE-2019-10042 | Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.11 The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. | 7.8 |
2019-03-25 | CVE-2019-10041 | Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.11 The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. | 5.0 |
2019-03-25 | CVE-2019-10040 | Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.11 The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. | 10.0 |
2019-03-25 | CVE-2019-10039 | Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.11 The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. | 5.0 |
2019-03-21 | CVE-2018-20220 | Missing Authentication for Critical Function vulnerability in Teracue products An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. | 5.0 |