Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2025-2551 MEDIUM

D-Link DIR-618 and DIR-605L - Improper Access Control in /goform/formSetPortTr

CVE-2025-2550 MEDIUM

D-Link DIR-618 and DIR-605L 2.02/3.02 - Improper Access Control in DDNS Service

CVE-2025-2549 MEDIUM

D-Link DIR-618 and DIR-605L 2.02/3.02 - Improper Access Control via formSetPassword

CVE-2025-2548 MEDIUM

D-Link DIR-618 and DIR-605L - Improper Access Control in formSetDomainFilter

CVE-2025-2547 MEDIUM

D-Link DIR-618 and DIR-605L - Improper Access Control in /goform/formAdvNetwork

CVE-2025-2546 MEDIUM

D-Link DIR-618 and DIR-605L - Improper Access Control in Firewall Service

CVE-2025-30140 HIGH

G-Net Dashcam BB GONX - Info Disclosure

CVE-2025-30141 HIGH

G-Net Dashcam BB GONX - Info Disclosure

CVE-2025-30138 MEDIUM

G-Net Dashcam BB GONX - Privilege Escalation

CVE-2025-26138 MEDIUM

Systemic Risk Value <= 2.8.0 - Unauthenticated Improper Access Control via Predictable File ID Parameter

CVE-2025-30132 CRITICAL

IROAD Dashcam V - Improper Access Control via Unregistered Public Domain

CVE-2025-25585 HIGH

yimioa < 2024.07.04 - Unauthenticated Administrator Password Modification via WebSecurityConfig

CVE-2025-25500 HIGH

cosmwasm < 2.2.0 - Improper Access Control via Capability Validation Bypass

CVE-2025-25621 MEDIUM

Unifiedtransform 2.0 - Incorrect Access Control via Teacher Attendance Endpoint

CVE-2025-25618 LOW

Unifiedtransform 2.0 - Privilege Escalation via Incorrect Access Control

CVE-2025-2350 MEDIUM

Iroadau Fx2 Firmware < 2025-03-08 - Improper Access Control

CVE-2025-2348 MEDIUM

Iroadau Fx2 Firmware < 2025-03-08 - Information Disclosure

CVE-2025-2334 MEDIUM

springboot-openai-chatgpt e84f6f5 - Improper Access Control in Chat History Handler

CVE-2025-25225 MEDIUM

Hikashop <5.1.3 - Privilege Escalation

CVE-2025-25598 HIGH

Inova Logic CUSTOMER MONITOR 3.1.757.1 - Privilege Escalation via Scheduled Task Executable Injection

CVE-2025-2280 HIGH

Devolutions Server < 2024.3.6.0 - Authenticated Browser Extension Restriction Bypass

CVE-2025-2278 MEDIUM

Devolutions Server < 2025.1.3.0 - Authenticated Improper Access Control in Temporary Access Requests

CVE-2025-25683 MEDIUM

AlekSIS-Core <3.2.1 - Info Disclosure

CVE-2025-20144 MEDIUM

Cisco IOS XR - Unauthenticated Access Control Bypass via Hybrid ACL Processing

CVE-2025-2219 HIGH

LoveCards 2.1.1-2.3.2 - Unauthenticated Unrestricted File Upload via /api/upload/image

Previous Page 81 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy