Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,428 vulnerabilities with CWE-306

CVE-2024-50489 CRITICAL

Realty Workstation <= 1.0.45 - Authentication Bypass

CVE-2024-50487 CRITICAL

MaanStore API <= 1.0.1 - Authentication Bypass

CVE-2024-50486 CRITICAL

Acnoo Flutter API <= 1.0.5 - Authentication Bypass

CVE-2024-50477 CRITICAL

Stacks Mobile App Builder <= 5.2.3 - Authentication Bypass

CVE-2024-10386 CRITICAL

Rockwell Automation ThinManager 11.2.0-11.2.9 - Unauthenticated Database Manipulation

CVE-2024-47406 CRITICAL

Sharp and Toshiba Tec MFPs - Auth Bypass

CVE-2024-48442 MEDIUM

Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-...

CVE-2024-47902 HIGH

InterMesh 7177 Hybrid 2.0 < 8.2.12 & 7707 Fire < 7.2.12 - Unauthenticated OS Command Execution

CVE-2024-47575 CRITICAL KEV

Fortinet FortiManager <7.6.0 - RCE

CVE-2024-26519 CRITICAL

Casa Systems NTC-221 <2.0.99.0 - RCE

CVE-2024-10002 HIGH

Rover IDX <3.0.0.2906 - Auth Bypass

CVE-2024-40091 MEDIUM

Vilo 5 Mesh WiFi System <= 5.16.1.33 - Info Disclosure

CVE-2024-40087 CRITICAL

Vilo 5 Mesh WiFi System <= 5.16.1.33 - Privilege Escalation

CVE-2024-47912 HIGH

Mitel MiCollab < 9.8.1.201 - Unauthenticated Data Access in AWV Conferencing Component

CVE-2024-49604 CRITICAL

Najeeb Ahmad Simple User Registration <5.5 - Auth Bypass

CVE-2024-49328 CRITICAL

WP REST API FNS <= 1.0.0 - Authentication Bypass

CVE-2024-49399 HIGH

Elvaco M-Bus Metering Gateway CMe3100 1.12.1 - Missing Authentication for Critical Function

CVE-2024-48920 CRITICAL

PutongOJ <2.1.0-beta.1 - Privilege Escalation

CVE-2024-9861 HIGH

Miniorange OTP Verification with Firebase <= 3.6.0 - Unauthenticated Authentication Bypass via OTP Login Token

CVE-2024-45844 HIGH

F5 BIG-IP 15.1.0-15.1.10.5 - Unauthenticated Access Control Bypass via Monitor Functionality

CVE-2024-21272 HIGH

MySQL Connector/Python <= 9.0.0 - Authenticated Remote Takeover via Multiple Protocols

CVE-2024-5749 HIGH

HP DesignJet Firmware < 001.2419b - Unauthenticated SMTP Credential Exposure

CVE-2024-45276 HIGH

Helmholz REX 100 and mbCONNECTLINE mbNET.mini Firmware <= 2.3.1 - Unauthenticated File Read

CVE-2024-45274 CRITICAL

Helmholz REX 100 and MBConnectLine MBnet.mini Firmware <= 2.3.1 - OS Command Execution via UDP

CVE-2024-9984 CRITICAL

Enterprise Cloud Database - Info Disclosure

Previous Page 41 of 98 Next

Details

Vulnerabilities 2,428

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy