Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,439 vulnerabilities with CWE-306

CVE-2020-36873 HIGH

Astak CM-818T3 2.4GHz Wireless Camera - Unauthenticated Config Disclosure via Backup

CVE-2020-36871 HIGH

ESCAM QD-900 WIFI HD - Info Disclosure

CVE-2020-12484 MEDIUM

vivo Wifi < 8.12.0.0 - Missing Authentication for Critical Function

CVE-2020-12492 LOW

Framework Services - Info Disclosure

CVE-2020-12491 MEDIUM

vivo Framework - Missing Authentication for Critical Function

CVE-2020-26942 CRITICAL

Axigen Mail Server <10.3.1.27-10.3.3.1 - Privilege Escalation

CVE-2020-36724 CRITICAL

Wordable plugin <3.1.1 - Auth Bypass

CVE-2020-36713 CRITICAL

MStore API < 2.1.5 - Unauthenticated Authentication Bypass via Unrestricted Register and Update User Profile Routes

CVE-2020-14140 HIGH

Xiaomi Router Firmware 2020-2023.2 - Unauthenticated WIFI Password Exposure via API

CVE-2020-23256 CRITICAL

Electerm 1.3.22 - Unauthenticated Remote Code Execution via Unverified Service Request

CVE-2020-22661 MEDIUM

Ruckus APs and SmartZone Controllers - Unauthorized Backup Image Replacement

CVE-2020-23648 HIGH

Asus RT-N12E 2.0.0.39 - Privilege Escalation

CVE-2020-27376 HIGH

Dr Trust USA iCheck Connect BP Monitor BP Testing <1.2.1 - Missing ...

CVE-2020-14479 MEDIUM

Ignition 7.0.0-7.9.13 - Unauthenticated Sensitive Information Exposure via Serialized Data Handling

CVE-2020-10640 CRITICAL

Emerson OpenEnterprise <3.3.4 - Command Injection

CVE-2020-25566 CRITICAL

SapphireIMS 5.0 - Unauthenticated Account Takeover via Save_Password Form

CVE-2020-25563 CRITICAL

SapphireIMS 5.0 - Unauthenticated Remote Command Execution via RemoteMgmtTaskSave

CVE-2020-36239 CRITICAL

Atlassian Jira Data Center < 8.5.16 - Missing Authorization

CVE-2020-7389 MEDIUM

Sage Syracuse 9.0-9.22.7.2 - Authenticated OS Command Injection via CHAINE Variable

CVE-2020-21936 MEDIUM

Motorola CX2 Firmware - Unauthenticated Information Disclosure via HNAP1/GetMultipleHNAPs

CVE-2020-21934 HIGH

Motorola CX2 Firmware CX 1.0.2 Build 20190508 Rel.97360n - Unauthenticated Syslog Download

CVE-2020-20472 MEDIUM

White Shark System 1.3.2 - Unauthenticated Sensitive Information Disclosure via if_get_addbook.php

CVE-2020-25634 MEDIUM

Red Hat 3scale < 2.10.0 - Unauthenticated Sensitive Information Exposure via API Docs URL

CVE-2020-25697 HIGH

X.org X Server - Missing Authentication for Critical Function

CVE-2020-4670 CRITICAL

IBM Planning Analytics Local 2.0 - Unauthenticated Redis Server Access

Previous Page 73 of 98 Next

Details

Vulnerabilities 2,439

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy