Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-912

CWE-912

Hidden Functionality

Parent: CWE-684 - Incorrect Provision of Specified Functionality

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

79 vulnerabilities with CWE-912

CVE-2026-7413 HIGH

Persistent undocumented backdoor access in Yarbo robot

CVE-2026-41446 CRITICAL

WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints

CVE-2026-1952 CRITICAL

Denial of service via the undocumented subfunction in AS320T

CVE-2026-34769 HIGH

Electron: Renderer command-line switch injection via undocumented commandLineSwitches webPreference

CVE-2026-4621 MEDIUM

NEC Aterm W1200EX(-MS) - Hidden Functionality

CVE-2026-33280 CRITICAL

BUFFALO Wi-Fi router - Command Injection

CVE-2026-31847 HIGH

Hidden functionality allows remote Telnet enablement in Nexxt Nebula 300+

CVE-2026-3587 CRITICAL

Hidden CLI Function Allows Root Access

CVE-2026-30704 CRITICAL

WiFi Extender WDR201A HW V2.1 FW LFMZX28040922V1.02 - Info Disclosure

CVE-2026-1741 MEDIUM

ipTIME A8004T 14.18.2 - Backdoor via Debug Interface cmd Argument

CVE-2025-48418 MEDIUM

Fortinet FortiAnalyzer/FortiManager - Auth Bypass

CVE-2025-55704 MEDIUM

Brother and Konica Minolta MFPs - Hidden Functionality Information Disclosure

CVE-2025-11544 CRITICAL

Sharp Display Solutions - Code Injection

CVE-2025-62773 LOW

Mercku M6a <= 2.1.0 - Authenticated TELNET Access via router.telnet.enabled.update

CVE-2025-58778 HIGH

Ruijie Networks RG-EST300 - Info Disclosure/Privilege Escalation

CVE-2025-11673 HIGH

SOOP-CLM 5.2-5.3 - Hidden Functionality Code Execution

CVE-2025-55075 MEDIUM

I-O DATA DEVICE WN-7D36QR and WN-7D36QR/UE - Authenticated SSH Enablement via Hidden Functionality

CVE-2025-30064 HIGH

CGM CLININET <= 2025.MS2 - Session Generation via Insufficient JWT Verification

CVE-2025-9382 MEDIUM

FNKvision Y215 CCTV Camera - Backdoor

CVE-2025-8938 MEDIUM

TOTOLINK N350R 1.2.3-B20130826 - Backdoor

CVE-2025-46267 MEDIUM

WRC-BE36QS-B/WRC-W701-B - Info Disclosure

CVE-2025-34117 CRITICAL

Netcore and Netis Router Firmware - Unauthenticated Remote Code Execution via UDP Port 53413 Backdoor

CVE-2025-6839 MEDIUM

Conjure Position Department Service Quality Evaluation System <1.0....

CVE-2025-26412 MEDIUM

SIMCom SIM7600G Modem <LE20B03SIM7600M21-A Authenticated RCE via AT Command

CVE-2025-48416 HIGH

eCharge Hardy Barth cPH2 / cPP2 charging stations - Unauthenticated Root Access via SSH Configuration Bypass

Page 1 of 4 Next

Details

Vulnerabilities 79

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy