Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,439 vulnerabilities with CWE-306

CVE-2021-28122 CRITICAL

Open5GS 2.1.3-2.2.0 - Unauthenticated Database Manipulation via WebUI API

CVE-2021-20262 MEDIUM

Keycloak 12.0.0 - Missing Authentication for Critical Function

CVE-2021-27255 HIGH

NETGEAR Multiple Router and Extender Firmware - Unauthenticated Remote Code Execution via refresh_status.aspx

CVE-2021-26705 CRITICAL

SquareBox CatDV < 9.2 - Unauthenticated Sensitive RMI Method Invocation

CVE-2021-27963 HIGH

SonLogger < 6.4.1 - Unauthenticated User Creation with Arbitrary Permissions via /User/saveUser

CVE-2021-27215 CRITICAL

genua genugate < 9.0 Z p19, 9.1.x-9.6.x < 9.6 p7, 10.x < 10.1 p4 - Unauthenticated Authentication Bypass

CVE-2021-1396 CRITICAL

Cisco Application Services Engine 1.1-1.1(3e) - Unauthenticated Privileged Access

CVE-2021-1393 CRITICAL

Cisco Application Services Engine 1.1-1.1(3e) - Unauthenticated Privileged Access

CVE-2021-20662 HIGH

SolarView Compact SV-CPT-MC310 <6.5 - Privilege Escalation

CVE-2021-20198 HIGH

OpenShift Installer < 0.9.0 Unauthenticated RCE via Kubelet Port

CVE-2021-26697 MEDIUM

Apache Airflow 2.0.0 - Unauthenticated Improper Privilege Management via Experimental API Lineage Endpoint

CVE-2021-20067 MEDIUM

Racom MIDGE Firmware 4.4.40.105 - Unauthenticated Sensitive Information Exposure via Syslog

CVE-2021-22652 CRITICAL

Advantech iView <5.7.03.6112 - Code Execution

CVE-2021-21472 HIGH

SAP Software Provisioning Manager 1.0 - Authenticated Security Bypass via Missing Password Configuration

CVE-2021-25312 HIGH

HTCondor <8.9.11 - Privilege Escalation

CVE-2021-22159 HIGH

Proofpoint Insider Threat Management < 7.4.3 - Authenticated Local Privilege Escalation via Missing Authentication

CVE-2021-22850 MEDIUM

HGiga oaklouds_portal - Unauthenticated Privileged Function Access

CVE-2021-1246 MEDIUM

Cisco Finesse - Unauthenticated Access to OpenSocial Gadget Editor via Crafted URL

CVE-2020-37157 HIGH

DBPower C300 HD Camera - Info Disclosure

CVE-2020-37146 HIGH

ACE Security WiP-90113 HD Camera - Info Disclosure

CVE-2020-36963 HIGH

Intelbras Router RF 301K <1.1.2 - Auth Bypass

CVE-2020-36904 HIGH

Selea CarPlateServer 4.0.1.6 - Unauthenticated Remote Program Execution via NO_LIST_EXE_PATH Configuration

CVE-2020-36894 HIGH

Eibiz i-Media Server Digital Signage 3.8.0 - Auth Bypass

CVE-2020-36892 CRITICAL

Eibiz i-Media Server Digital Signage 3.8.0 - Privilege Escalation

CVE-2020-36874 HIGH

ACE SECURITY WIP-90113 HD - Info Disclosure

Previous Page 72 of 98 Next

Details

Vulnerabilities 2,439

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy