Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-11 | CVE-2023-51987 | Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2 D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. | 9.8 |
2024-01-11 | CVE-2023-51989 | Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2 D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. | 9.8 |
2024-01-10 | CVE-2022-45794 | Missing Authentication for Critical Function vulnerability in Omron products An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card. | 7.5 |
2024-01-10 | CVE-2023-40393 | Missing Authentication for Critical Function vulnerability in Apple Macos An authentication issue was addressed with improved state management. | 7.5 |
2024-01-03 | CVE-2023-5881 | Missing Authentication for Critical Function vulnerability in Geniecompany Aladdin Connect Garage Door Opener Firmware Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup" and modify the Garage door's SSID settings. | 8.2 |
2023-12-21 | CVE-2023-29485 | Missing Authentication for Critical Function vulnerability in Heimdalsecurity Thor An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. | 9.8 |
2023-12-13 | CVE-2023-6718 | Missing Authentication for Critical Function vulnerability in Europeana Repox 2.3.7 An authentication bypass vulnerability has been found in Repox, which allows a remote user to send a specially crafted POST request, due to the lack of any authentication method, resulting in the alteration or creation of users. | 7.5 |
2023-12-12 | CVE-2023-50263 | Missing Authentication for Critical Function vulnerability in Networktocode Nautobot Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. | 5.3 |
2023-12-08 | CVE-2023-32460 | Missing Authentication for Critical Function vulnerability in Dell products Dell PowerEdge BIOS contains an improper privilege management security vulnerability. | 7.8 |
2023-11-29 | CVE-2023-49693 | Missing Authentication for Critical Function vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code. | 9.8 |