Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,435 vulnerabilities with CWE-306

CVE-2023-5376 HIGH

Korenix JetNet Series - Unauthenticated TFTP Access

CVE-2023-5881 HIGH

Genie Aladdin Connect Garage Door Opener Firmware < 14.1.1 - Unauthenticated Critical Function Access via Web Interface

CVE-2023-29485 CRITICAL

Heimdal Thor < 3.5.3 - Unauthenticated Arbitrary Code Execution via DarkLayer Guard Module

CVE-2023-6595 HIGH

WhatsUp Gold <2023.1 - Info Disclosure

CVE-2023-6368 MEDIUM

WhatsUp Gold <2023.1 - Info Disclosure

CVE-2023-6718 CRITICAL

Repox - Unauthenticated User Creation and Modification via Crafted POST Request

CVE-2023-50263 LOW

Nautobot 1.x-2.0.x < 1.6.7/2.0.6 - Unauthenticated Arbitrary File Download via FileProxy Endpoints

CVE-2023-32460 HIGH

Dell PowerEdge BIOS < 1.6.6 - Unauthenticated Privilege Escalation

CVE-2023-49693 CRITICAL

NETGEAR ProSAFE Network Management System < 1.7.0.34 - Unauthenticated Remote Code Execution via JDWP

CVE-2023-29063 LOW

FACSChorus Workstation - Info Disclosure

CVE-2023-29061 MEDIUM

FACSChorus Workstation - Info Disclosure

CVE-2023-29060 MEDIUM

FACSChorus - Unprotected Data Exposure via USB Port Access

CVE-2023-3104 MEDIUM

Unitree A1 Firmware - Lack of Authentication

CVE-2023-42770 CRITICAL

Redlioncontrols St-ipm-6350 Firmware - Missing Authentication

CVE-2023-47674 CRITICAL

First Corporation DVRs - Unauthenticated Configuration Rewrite and Information Disclosure

CVE-2023-34060 CRITICAL

VMware Cloud Director Appliance <10.5 - Auth Bypass

CVE-2023-46096 MEDIUM

SIMATIC PCS neo <V4.1 - Auth Bypass

CVE-2023-45140 MEDIUM

ovh/the-bastion < 3.14.15 - Missing Authentication for SCP/SFTP via Group-Based JIT MFA Bypass

CVE-2023-46819 MEDIUM

Apache OFBiz <18.12.09 - Info Disclosure

CVE-2023-4699 CRITICAL

Mitsubishielectric Fx3u-32mt/es Firmware - Missing Authentication

CVE-2023-46381 HIGH

LOYTEC Devices - Unauthenticated RCE

CVE-2023-41351 CRITICAL

Chunghwa Telecom NOKIA G-040W-Q - Auth Bypass

CVE-2023-46249 CRITICAL

authentik <2023.8.4-2023.10.2 - Privilege Escalation

CVE-2023-46978 HIGH

TOTOLINK X6000R V9.4.0cu.852_B20230719 - Privilege Escalation

CVE-2023-46747 CRITICAL KEV

F5 BIG-IP 13.1.0-13.1.4 - Unauthenticated Remote Command Execution via Configuration Utility Bypass

Previous Page 50 of 98 Next

Details

Vulnerabilities 2,435

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy