Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,427 vulnerabilities with CWE-306

CVE-2025-1907 CRITICAL

Instantel Micromate - Command Injection

CVE-2025-22252 CRITICAL

FortiProxy 7.6.0-7.6.1, FortiSwitchManager 7.2.5, FortiOS 7.4.4-7.4.6, 7.6.0 - Authentication Bypass

CVE-2025-32440 CRITICAL

netalertx < 25.4.14 - Unauthenticated Settings Update via Crafted Request to index.php

CVE-2025-41651 CRITICAL

Weidmueller Industrial Ethernet Switches - Unauthenticated Command Execution

CVE-2025-2407 CRITICAL

Mobatime AMX MTAPI <1.5 - Auth Bypass

CVE-2025-48742 MEDIUM

SIGB PMB < 8.0.1.2 - Remote Code Execution via Installer

CVE-2025-40664 CRITICAL

TCMAN GIM v11 - Unauthenticated Critical Function Access via User Management Endpoints

CVE-2025-41655 HIGH

Pepperl+Fuchs Profinet Gateway FB8122A.1.EL and LB8122A.1.EL < V1.3.13 - DoS via Reboot URL

CVE-2025-41654 HIGH

Pepperl+Fuchs Profinet Gateway FB8122A.1.EL/LB8122A.1.EL < V1.3.13 - SNMP Info Disclosure & DoS

CVE-2025-36535 CRITICAL

AutomationDirect MB-Gateway Web Server - Unauthenticated Configuration Access

CVE-2025-4008 HIGH KEV

Meteobridge VM and Firmware < 6.2 - Unauthenticated Remote Command Execution

CVE-2025-27803 MEDIUM

eCharge Hardy Barth cPH2 / cPP2 charging stations <= 2.2.0 - Unauthenticated Administrative Access

CVE-2025-48391 HIGH

JetBrains YouTrack <2025.1.76253 - Info Disclosure

CVE-2025-47850 MEDIUM

JetBrains YouTrack < 2025.1.74704 - Unauthenticated Restricted Attachment Exposure via Issue Cloning

CVE-2025-32738 MEDIUM

I-O DATA HDL-T Series <= 1.21 - Unauthenticated Critical Function Access

CVE-2025-0132 MEDIUM

Palo Alto Networks Cortex XDR - DoS

CVE-2025-44039 MEDIUM

CP-XR-DE21-S Firmware 1.031.022 - Unauthenticated Sensitive Information Exposure via UART Console

CVE-2025-4560 MEDIUM

ISOinsight from Netvision - Info Disclosure

CVE-2025-4557 CRITICAL

Parking Management System - Auth Bypass

CVE-2025-4555 CRITICAL

Okcat Parking Management Platform - Auth Bypass

CVE-2025-4382 MEDIUM

LUKS-encrypted disks - Info Disclosure

CVE-2025-3759 HIGH

Netis Systems WF2220 >=1.2.31706 <1.2.31706 - Unauthenticated Administrator Account Hijacking via netcore_set.cgi

CVE-2025-3758 HIGH

Netis Systems WF2220 - Unauthenticated Plaintext Password Exposure via netcore_get.cgi Endpoint

CVE-2025-20210 HIGH

Cisco Catalyst Center - Info Disclosure

CVE-2025-4268 MEDIUM

TOTOLINK A720R 4.1.5cu.374 - Auth Bypass

Previous Page 33 of 98 Next

Details

Vulnerabilities 2,427

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy