CWE-306— Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.— MITRE CWE catalog
2,405 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-306page 34 of 49
- CVE-2025-30041CRITICALCVSS 9.0EG 9.02025-08-27
The paths "/cgi-bin/CliniNET.prd/utils/userlogstat.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat.pl", and "/cgi-bin/CliniNET.prd/utils/dblogstat.pl" expose data containing session IDs.
- CVE-2025-30048MEDIUMCVSS 5.3EG 5.32025-08-27
The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication.
- CVE-2025-30111HIGHCVSS 7.5EG 7.52025-03-18
On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access…
- CVE-2025-30126MEDIUMCVSS 5.3EG 5.32025-07-28
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Via port 7777 without any need to pair or press a physical button, a remote attacker can disable recording, delete recordings, or even disable battery protection to cause a…
- CVE-2025-30135CRITICALCVSS 9.4EG 9.42025-07-25
An issue was discovered on IROAD Dashcam FX2 devices. Dumping Files Over HTTP and RTSP Without Authentication can occur. It lacks authentication controls on its HTTP and RTSP interfaces, allowing attackers to retrieve sensitive files and v…
- CVE-2025-30215CRITICALCVSS 9.6EG 9.62025-04-16
NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system. In versions starting from 2.2.0 but prior to 2.10.27 and 2.11.1, the management of JetStream assets happens with messages in the $JS. subject…
- CVE-2025-30410CRITICALCVSS 9.8EG 9.82026-02-20
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) b…
- CVE-2025-30650MEDIUMCVSS 6.7EG 6.72026-04-08
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos…
- CVE-2025-30727CRITICALCVSS 9.8EG 9.82025-04-15
Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network a…
- CVE-2025-30762HIGHCVSS 7.5EG 7.52025-07-15
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated at…
- CVE-2025-3090HIGHCVSS 8.2EG 8.22025-06-24
An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device due to missing authentication for critical function.
- CVE-2025-31963LOWCVSS 2.9EG 2.92026-01-07
Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local attacker to perform unauthorized configuration changes via unauthenticated administrative configuration…
- CVE-2025-32063MEDIUMCVSS 6.8EG 6.82026-02-15
There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the following developer features will be activa…
- CVE-2025-3232HIGHCVSS 7.5EG 7.52025-12-24
A remote unauthenticated attacker may be able to bypass authentication by utilizing a specific API route to execute arbitrary OS commands.
- CVE-2025-32357MEDIUMCVSS 4.3EG 4.32025-04-05
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for.
- CVE-2025-32377MEDIUMCVSS 6.5EG 6.52025-04-18
Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models (LLMs). A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement a…
- CVE-2025-32433CRITICALCVSS 10.0EG 10.0⚠ KEV2025-04-16
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting …
- CVE-2025-32440CRITICALCVSS 10.0EG 10.02025-05-27
NetAlertX is a network, presence scanner and alert framework. Prior to version 25.4.14, it is possible to bypass the authentication mechanism of NetAlertX to update settings without authentication. An attacker can trigger sensitive functio…
- CVE-2025-3248CRITICALCVSS 9.8EG 9.8⚠ KEV2025-04-07
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
- CVE-2025-32738MEDIUMCVSS 5.3EG 5.32025-05-15
Missing authentication for critical function issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier. If exploited, a remote unauthenticated attacker may change the product settings.
- CVE-2025-32782MEDIUMCVSS 5.3EG 5.32025-04-15
Ash Authentication provides authentication for the Ash framework. The confirmation flow for account creation currently uses a GET request triggered by clicking a link sent via email. Some email clients and security tools (e.g., Outlook, vi…
- CVE-2025-32876MEDIUMCVSS 6.8EG 6.82025-06-20
An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key (STK…
- CVE-2025-32879HIGHCVSS 8.8EG 8.82025-06-20
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It starts advertising if no device is connected via Bluetooth. This allows an attacker to connect with the device via BLE if no other device is connected. While connected, n…
- CVE-2025-32896MEDIUMCVSS 6.5EG 6.52025-06-19
# Summary Unauthorized users can perform Arbitrary File Read and Deserialization attack by submit job using restful api-v1. # Details Unauthorized users can access `/hazelcast/rest/maps/submit-job` to submit job. An attacker can set extr…
- CVE-2025-32978HIGHCVSS 7.5EG 7.52025-06-24
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to replace system lice…
- CVE-2025-3319HIGHCVSS 8.1EG 8.12025-06-20
IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due to improper session authentication which can result in access to unauthorized resources.
- CVE-2025-34028CRITICALCVSS 10.0EG 10.0⚠ KEV2025-04-22
The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to path traversal vulnerability that can result in…
- CVE-2025-34039CRITICALCVSS 10.0EG 10.02025-06-24
A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows unauthenticated remote attackers to ex…
- CVE-2025-34057HIGHCVSS 8.7EG 8.72025-07-02
An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and s…
- CVE-2025-34068CRITICALCVSS 9.3EG 9.32025-07-15
An unauthenticated remote command execution vulnerability exists in Samsung WLAN AP WEA453e firmware prior to version 5.2.4.T1 via improper input validation in the “Tech Support” diagnostic functionality. The command1 and command2 POST…
- CVE-2025-34069CRITICALCVSS 9.8EG 9.82025-07-02
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthe…
- CVE-2025-34070CRITICALCVSS 9.8EG 9.82025-07-02
A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, ex…
- CVE-2025-34071CRITICALCVSS 9.8EG 9.82025-07-02
A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img file…
- CVE-2025-34073CRITICALCVSS 10.0EG 10.02025-07-02
An unauthenticated command injection vulnerability exists in stamparm/maltrail (Maltrail) versions <=0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoin…
- CVE-2025-34077CRITICALCVSS 10.0EG 10.02025-07-09
An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting soci…
- CVE-2025-34079HIGHCVSS 7.8EG 7.82025-07-02
An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interfa…
- CVE-2025-34089CRITICALCVSS 9.3EG 9.32025-07-03
An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote control utility developed by Aexol Studio, in versions up to and including 2025.7. When the application is configured with authentication disab…
- CVE-2025-34100CRITICALCVSS 9.3EG 9.32025-07-10
An unrestricted file upload vulnerability exists in BuilderEngine 3.5.0 via the integration of the elFinder 2.0 file manager and its use of the jQuery File Upload plugin. The plugin fails to properly validate or restrict file types or loca…
- CVE-2025-34101CRITICALCVSS 9.3EG 9.32025-07-10
An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component (default port 23423). The checkStreamUrl method accept…
- CVE-2025-34102CRITICALCVSS 9.3EG 9.32025-07-10
A remote code execution vulnerability exists in CryptoLog (PHP version, discontinued since 2009) due to a chained exploitation of SQL injection and command injection vulnerabilities. An unauthenticated attacker can gain shell access as the…
- CVE-2025-34103CRITICALCVSS 9.3EG 9.32025-07-15
An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware versions prior to 2.2.3.0, due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The Client parameter is not sanitized befor…
- CVE-2025-34104CRITICALCVSS 9.4EG 9.42025-07-15
An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior to 3.0.3 via the plugin upload mechanism. In vulnerable versions, an authenticated user with Superuser privileges can upload and activate a ma…
- CVE-2025-34110CRITICALCVSS 9.3EG 9.32025-07-15
A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sa…
- CVE-2025-34111CRITICALCVSS 9.8EG 9.82025-07-15
An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder component's default connector (connector.minimal.php), which allows remote attackers to upload and execute m…
- CVE-2025-34112CRITICALCVSS 10.0EG 10.02025-07-15
An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral NetProfiler and NetExpress 10.8.7 virtual appliances. A SQL injection vulnerability in the '/api/common/1.0/login' endpoint can be exploited t…
- CVE-2025-34113HIGHCVSS 8.7EG 8.72025-07-15
An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4 LTS, ≤9.10 LTS, and ≤6.14 via the `viewmode` GET parameter in `tiki-calendar.php`. When the calendar module is enabled and an authentica…
- CVE-2025-34115HIGHCVSS 8.7EG 8.72025-07-15
An authenticated command injection vulnerability exists in OP5 Monitor through version 7.1.9 via the 'cmd_str' parameter in the command_test.php endpoint. A user with access to the web interface can exploit the 'Test this command' feature …
- CVE-2025-34116HIGHCVSS 8.7EG 8.72025-07-15
A remote command execution vulnerability exists in IPFire before version 2.19 Core Update 101 via the 'proxy.cgi' CGI interface. An authenticated attacker can inject arbitrary shell commands through crafted values in the NCSA user creation…
- CVE-2025-34117CRITICALCVSS 9.3EG 9.32025-07-16
A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 due to the presence of an undocumented backdoor listener on UDP port 53413. Exact version boundaries rema…
- CVE-2025-34119HIGHCVSS 8.8EG 8.82025-07-16
A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by unauthenticated remote attackers via TCP port 831. The server listens for a custom protocol where opcode 0x43 can be used to request arbitrary files by…
Map vulnerabilities like CWE-306 to your infrastructure
EchelonGraph correlates every CVE — across CWE-306 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →