Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,439 vulnerabilities with CWE-306

CVE-2021-23847 CRITICAL

Bosch CPP6, CPP7, CPP7.3 <7.80 B128 - Unauthenticated Info Exposure & Settings Modification

CVE-2021-26928 MEDIUM

BIRD < 2.0.7 - Missing Authentication for BGP Peers

CVE-2021-22322 HIGH

Huawei EMUI and Magic UI - Missing Authentication for Critical Function

CVE-2021-22316 MEDIUM

Huawei EMUI and Magic UI - Missing Authentication for Critical Function

CVE-2021-21986 CRITICAL

VMware vCenter Server - Unauthenticated Access via vSphere Plugin Authentication Bypass

CVE-2021-30190 CRITICAL

CODESYS V2 Web-Server <1.1.9.20 - Info Disclosure

CVE-2021-32453 MEDIUM

SITEL CAP/PRX Firmware 5.2.01 - Unauthenticated Information Exposure via HTTP

CVE-2021-20998 CRITICAL

WAGO Managed Switches - Privilege Escalation

CVE-2021-27571 MEDIUM

Emote Remote Mouse <4.0.0.0 - Info Disclosure

CVE-2021-27570 MEDIUM

Emote Remote Mouse < 3.015 - Unauthenticated Arbitrary Process Termination via Crafted Packet

CVE-2021-27569 MEDIUM

Emote Remote Mouse <4.0.0.0 - Info Disclosure

CVE-2021-29203 CRITICAL

HPE Edgeline Infrastructure Manager < 1.22 - Unauthenticated Remote Command Execution

CVE-2021-31793 HIGH

NightOwl WDB-20-V2 WDB-20-V2_20190314 - Unauthenticated Snapshot Access via /snapshot URI

CVE-2021-1499 MEDIUM

Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE (CVE-2021-1499)

CVE-2021-21535 HIGH

Dell Hybrid Client < 1.5 - Unauthenticated Privilege Escalation

CVE-2021-30167 CRITICAL

Network Camera Device - Privilege Escalation

CVE-2021-29442 HIGH

Nacos < 1.4.1 - Unauthenticated Database Manipulation via Derby Endpoint

CVE-2021-20697 CRITICAL

DAP-1880AC <1.21 - Privilege Escalation

CVE-2021-20990 HIGH

Fibaro Home Center 2 and Lite Firmware < 4.600 - Unauthenticated Denial of Service via Internal Management Service

CVE-2021-24219 MEDIUM

Thrivethemes Focusblog < 2.0.0 - Improper Access Control

CVE-2021-30462 HIGH

VestaCP <0.9.8-24 - Privilege Escalation

CVE-2021-28124 MEDIUM

Cohesity DataPlatform <6.3.1g, <6.4.1c, <=6.5.1b - SSRF

CVE-2021-22997 HIGH

F5 BIG-IQ Centralized Management 6.0.0-7.x - Unauthenticated ElasticSearch Transport Service Access

CVE-2021-22995 HIGH

F5 BIG-IQ Centralized Management 6.0.0-6.1.0 - Unauthenticated High Availability Failover via Corosync Daemon

CVE-2021-28148 HIGH

Grafana Enterprise <6.7.6-7.4.5 - DoS

Previous Page 71 of 98 Next

Details

Vulnerabilities 2,439

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy