The vulnerability of the MachineSense microprogramming software components in FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi systems, which allows a intruder to gain unauthorized access to protected information.

The vulnerability of the MachineSense microprogramming software components in FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi systems is related to the absence of authentication procedures for critical functions. Exploiting this vulnerability could allow an attacker ...

CVE-2023-49115 MachineSense FeverWarn Missing Authentication for Critical Function

MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users...

CVE-2024-22449

Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access...

Missing Authentication for Critical Function

In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...

CVE-2023-6942

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106...

Mitsubishi Electric FA Engineering Software Products (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : EZSocket, FR Configurator2, GT Designer3 Version1GOT1000, GT Designer3 Version1GOT2000, GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, MX...

PT-2024-1435 · Unknown · Machinesense +3

Name of the Vulnerable Software and Affected Versions: MachineSense devices affected versions not specified FeverWarn ESP32 affected versions not specified FeverWarn RaspberryPi affected versions not specified FeverWarn DataHub RaspberryPi affected versions not specified Description: The issue is...

PT-2024-1432 · Unknown · Machinesense +3

Name of the Vulnerable Software and Affected Versions: MachineSense devices affected versions not specified FeverWarn ESP32 affected versions not specified FeverWarn RaspberryPi affected versions not specified FeverWarn DataHub RaspberryPi affected versions not specified Description: The issue is...

PT-2024-1427 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX Series and EX Series versions earlier than 20.4R3-S9 Juniper Networks Junos OS on SRX Series and EX Series 21.2 versions earlier than 21.2R3-S7 Juniper Networks Junos OS on SRX Series and EX Series 21.3 versio...

D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack ...

The vulnerability of the 5G mobile communication network organization software free5GC, related to the lack of authentication for critical functions, allows attackers to disclose protected information.

The vulnerability of the software for managing fifth-generation mobile communication networks 5G, free5GC, is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...

The vulnerability of the microprogrammed logic controllers Sauter Nova 220, 230, and 106 lies in the absence of authentication for a critical function. This allows attackers to bypass security restrictions and execute arbitrary commands.

The vulnerability of the microprogrammed logic controllers Sauter Nova 220, 230, and 106 lies in the absence of authentication for the critical function. Exploiting this vulnerability allows a remote attacker to bypass security restrictions and execute arbitrary commands...

PT-2023-9595 · Mysql Server · Mysql Connectors

Name of the Vulnerable Software and Affected Versions: MySQL Connectors versions 9.0.0 and prior Description: The issue is related to a lack of authentication for a critical function in the Connector/Python component of MySQL Connectors, allowing a low-privileged attacker with network access via...

The vulnerability of the PC Settings Tool, a software tool for configuring computers, lies in the lack of authentication for a critical function, which allows attackers to escalate their privileges.

The vulnerability of the PC Settings Tool software relates to the lack of authentication for a critical function. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2023-47674

Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB...

CVE-2023-47674

Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB...

CVE-2023-47674

Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB...

Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability

Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication, an...

Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauthoperation.php that doesn't require authentication, an...

Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication, an attacker is...