Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-912

CWE-912

Hidden Functionality

Parent: CWE-684 - Incorrect Provision of Specified Functionality

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

78 vulnerabilities with CWE-912

CVE-2026-41446 CRITICAL

WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints

CVE-2026-1952 CRITICAL

Denial of service via the undocumented subfunction in AS320T

CVE-2026-34769 HIGH

Electron: Renderer command-line switch injection via undocumented commandLineSwitches webPreference

CVE-2026-4621 MEDIUM

NEC Aterm W1200EX(-MS) - Hidden Functionality

CVE-2026-33280 CRITICAL

BUFFALO Wi-Fi router - Command Injection

CVE-2026-31847 HIGH

Hidden functionality allows remote Telnet enablement in Nexxt Nebula 300+

CVE-2026-3587 CRITICAL

Hidden CLI Function Allows Root Access

CVE-2026-30704 CRITICAL

WiFi Extender WDR201A HW V2.1 FW LFMZX28040922V1.02 - Info Disclosure

CVE-2026-1741 MEDIUM

EFM ipTIME A8004T 14.18.2 - RCE

CVE-2025-48418 MEDIUM

Fortinet FortiAnalyzer/FortiManager - Auth Bypass

CVE-2025-55704 MEDIUM

Brother MFP - Info Disclosure

CVE-2025-11544 CRITICAL

Sharp Display Solutions - Code Injection

CVE-2025-62773 LOW

Mercku M6a <2.1.0 - RCE

CVE-2025-58778 HIGH

Ruijie Networks RG-EST300 - Info Disclosure/Privilege Escalation

CVE-2025-11673 HIGH

CVE-2025-55075 MEDIUM

WN-7D36QR - Privilege Escalation

CVE-2025-30064 HIGH

CGM CLININET <= 2025.MS2 - Session Generation via Insufficient JWT Verification

CVE-2025-9382 MEDIUM

FNKvision Y215 CCTV Camera - Backdoor

CVE-2025-8938 MEDIUM

TOTOLINK N350R 1.2.3-B20130826 - Backdoor

CVE-2025-46267 MEDIUM

WRC-BE36QS-B/WRC-W701-B - Info Disclosure

CVE-2025-34117 CRITICAL

Netcore/Netis <Aug 2014 - RCE

CVE-2025-6839 MEDIUM

Conjure Position Department Service Quality Evaluation System <1.0....

CVE-2025-26412 MEDIUM

SIMCom SIM7600G - RCE

CVE-2025-48416 HIGH

OpenSSH - Auth Bypass

CVE-2025-47729 LOW KEV

TeleMessage <2025-05-05 - Info Disclosure

Page 1 of 4 Next

Details

Vulnerabilities 78

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy