Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-912

CWE-912

Hidden Functionality

Parent: CWE-684 - Incorrect Provision of Specified Functionality

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

79 vulnerabilities with CWE-912

CVE-2025-47729 LOW KEV

TeleMessage <2025-05-05 - Info Disclosure

CVE-2025-32370 HIGH

Kentico Xperience < 13.0.178 - Unauthenticated Arbitrary File Write via ZIP Upload Handler

CVE-2025-2894 MEDIUM

Unitree Go1 Firmware - CloudSail Remote Control Backdoor

CVE-2025-27840 MEDIUM

Espressif ESP32 Firmware - Hidden Functionality via Undocumented HCI Commands

CVE-2025-1204 HIGH

Contec Health CMS8000 Patient Monitor - Unauthenticated Arbitrary File Write via Hardcoded Update IP

CVE-2025-0675 HIGH

Elber Signum DVB-S/S2 IRD < 1.999 - Unauthenticated Hidden Functionality Disclosure

CVE-2025-0626 HIGH

Contec CMS8000 Patient Monitor Firmware - Hardcoded IP Backdoor File Overwrite

CVE-2024-39754 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - RCE

CVE-2024-13062 HIGH

ASUS Router 3.0.0.4_382-3.0.0.4_386-3.0.0.4_388-3.0.0.6_102 - OS Command Injection

CVE-2024-10773 CRITICAL

SICK InspectorP61x/62x <5.0.0 & TiM3xx <5.10.0 - Unauthenticated Pass-the-Hash via Hardcoded Credentials

CVE-2024-47001 HIGH

TAKENAKA ENGINEERING CO., LTD. - Command Injection

CVE-2024-45697 CRITICAL

D-Link DIR-X4860 - Hardcoded Telnet Credential OS Command Execution

CVE-2024-45696 HIGH

D-Link COVR-X1870 and DIR-X4860 - Hidden Telnet OS Command Execution

CVE-2024-37994 MEDIUM

SIMATIC RF360R < 2.2 - Hidden Debug Configuration Exposure

CVE-2024-37990 MEDIUM

SIMATIC RF360R < 2.2 - Hidden Functionality via Configuration File Modification

CVE-2024-20439 CRITICAL KEV

Cisco Smart Licensing Utility - Auth Bypass

CVE-2024-5633 HIGH

Longse model LBH30FE200W - Code Injection

CVE-2024-6045 HIGH

D-Link Multiple Models < 1.10.01/1.10.02/1.20.01 - Unauthenticated Hard-coded Credentials Exposure via Telnet Backdoor

CVE-2024-5514 CRITICAL

MinMax CMS - Use of Hard-coded Credentials

CVE-2024-33583 LOW

SIMATIC RTLS Locating Manager -<V3.0.1.1 - Info Disclosure

CVE-2024-3016 CRITICAL

NEC Platforms DT900-5.3.4.4 - Info Disclosure

CVE-2024-28011 CRITICAL

NEC Corporation Various Products - Info Disclosure

CVE-2024-22044 HIGH

SENTRON 3KC ATC6 Expansion Module - DoS

CVE-2023-42134 MEDIUM

PAX Android POS <8.1.0_Sagittarius_V11.1.45_20230314 - Local Code E...

CVE-2023-4467 MEDIUM

Poly Trio 8800 <7.2.6.0019 - Backdoor

Previous Page 2 of 4 Next

Details

Vulnerabilities 79

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy