Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-51987 Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2
D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords.
network
low complexity
dlink CWE-306
critical
9.8
2024-01-11 CVE-2023-51989 Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2
D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords.
network
low complexity
dlink CWE-306
critical
9.8
2024-01-10 CVE-2022-45794 Missing Authentication for Critical Function vulnerability in Omron products
An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card.
network
low complexity
omron CWE-306
7.5
2024-01-10 CVE-2023-40393 Missing Authentication for Critical Function vulnerability in Apple Macos
An authentication issue was addressed with improved state management.
network
low complexity
apple CWE-306
7.5
2024-01-03 CVE-2023-5881 Missing Authentication for Critical Function vulnerability in Geniecompany Aladdin Connect Garage Door Opener Firmware
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup" and modify the Garage door's SSID settings.
network
low complexity
geniecompany CWE-306
8.2
2023-12-21 CVE-2023-29485 Missing Authentication for Critical Function vulnerability in Heimdalsecurity Thor
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module.
network
low complexity
heimdalsecurity CWE-306
critical
9.8
2023-12-13 CVE-2023-6718 Missing Authentication for Critical Function vulnerability in Europeana Repox 2.3.7
An authentication bypass vulnerability has been found in Repox, which allows a remote user to send a specially crafted POST request, due to the lack of any authentication method, resulting in the alteration or creation of users.
network
low complexity
europeana CWE-306
7.5
2023-12-12 CVE-2023-50263 Missing Authentication for Critical Function vulnerability in Networktocode Nautobot
Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database.
network
low complexity
networktocode CWE-306
5.3
2023-12-08 CVE-2023-32460 Missing Authentication for Critical Function vulnerability in Dell products
Dell PowerEdge BIOS contains an improper privilege management security vulnerability.
local
low complexity
dell CWE-306
7.8
2023-11-29 CVE-2023-49693 Missing Authentication for Critical Function vulnerability in Netgear Prosafe Network Management System
NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code.
network
low complexity
netgear CWE-306
critical
9.8