Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,430 vulnerabilities with CWE-306

CVE-2024-8310 CRITICAL

OPW Fuel Management Systems SiteSentinel - Auth Bypass

CVE-2024-6981 CRITICAL

OMNTEC Proteus Tank Monitoring OEL8000III Series - Auth Bypass

CVE-2024-47130 HIGH

goTenna Pro < 1.6.1 and < 2.0.3 - Unauthenticated Public Key Update

CVE-2024-7781 HIGH

Jupiter X Core < 4.7.8 - Unauthenticated Authentication Bypass via Social Login Widget

CVE-2024-6592 CRITICAL

WatchGuard Authentication Gateway and Single Sign-On Client - Authentication Bypass via Protocol Communication

CVE-2024-45229 MEDIUM

Versa Director - Unauthenticated Authentication Token Exposure via GET Request Argument Injection

CVE-2024-6406 HIGH

Yordam Information Technology Mobile Library App <5.0 - Info Disclo...

CVE-2024-8956 CRITICAL KEV

PTZOptics PT30X-SDI/NDI-xx < 6.3.40 - Unauthenticated Sensitive Data Exposure and Configuration Modification

CVE-2024-6582 MEDIUM

lunary < 1.4.9 - Unauthenticated Identity Provider Settings Update

CVE-2024-8751 HIGH

SICK MSC800 < V4.26 and < S2.93.20 - Unauthenticated Denial of Service via Sopas ET IP Address Modification

CVE-2024-8277 CRITICAL

WooCommerce Photo Reviews Premium <1.3.13.2 - Auth Bypass

CVE-2024-8321 MEDIUM

Ivanti EPM <2022 SU6-2024 September - Unauthenticated DoS

CVE-2024-8320 MEDIUM

Ivanti EPM <2022 SU6-2024 September - Auth Bypass

CVE-2024-8012 HIGH

Ivanti Workspace Control <2025.2 - Privilege Escalation

CVE-2024-37991 MEDIUM

SIMATIC RF360R < 2.2 - Unauthenticated Sensitive Information Exposure via Service Log Files

CVE-2024-7015 CRITICAL

PassBox < 1.2 - Unauthenticated Authentication Abuse

CVE-2024-8584 CRITICAL

Orca HCM < 11.0 - Unauthenticated Administrator Account Creation

CVE-2024-45075 HIGH

IBM webMethods Integration 10.15 - Privilege Escalation

CVE-2024-39300 LOW

ELECOM WAB-I1750-PS Firmware < 1.5.10 - Unauthenticated Telnet Access

CVE-2024-4428 CRITICAL

Menulux Information Technologies Managment Portal <21.05.2024 - Inf...

CVE-2024-45049 HIGH

Hydra < 2024-08-27 - Unauthenticated Evaluation Trigger via API Push Route

CVE-2024-7940 HIGH

HitachiEnergy MicroSCADA X SYS600 10.2-10.5 - Unauthenticated Critical Function Access via Network-Exposed Local Service

CVE-2024-7125 HIGH

Hitachi Ops Center Common Services 10.9.3-00-11.0.2-01 - Authentication Bypass

CVE-2024-43798 HIGH

jpillora/chisel < 1.10.0 - Unauthenticated Access via Undocumented AUTH Environment Variable

CVE-2024-36445 CRITICAL

Swissphone DiCal-RED 4009 - Unauthenticated Remote Code Execution via TELNET

Previous Page 43 of 98 Next

Details

Vulnerabilities 2,430

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy