CVE-2025-1907 Instantel Micromate Missing Authentication for Critical Function

Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected...

CVE-2025-1907

CVE-2025-1907 concerns Instantel Micromate devices where a lack of authentication on a configuration port could allow an attacker to execute commands if the port is accessed. Public sources report this as a critical, unauthenticated risk with high confidentiality, integrity, and availability impa...

CVE-2025-1907 Instantel Micromate Missing Authentication for Critical Function

Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected...

CVE-2025-41651

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise...

The vulnerability of Nomad application orchestrators, related to the lack of authorization, allows attackers to gain unauthorized access to protected information.

The vulnerability of Nomad application orchestrators is related to the lack of authentication. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

CVE-2025-40664

Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to access the resources /frmGestionUser.aspx/GetData, /frmGestionUser.aspx/updateUser and /frmGestionUser.aspx/DeleteUser...

CVE-2025-41651

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise...

CVE-2025-41651 Weidmueller: Missing Authentication Vulnerability in Industrial Ethernet Switches

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise...

CVE-2025-41651

CVE-2025-41651 concerns a missing authentication flaw in Weidmueller industrial Ethernet switches (e.g., E-SW-VL08MT-8TX, IE-SW-PL10M-3GT-7TX, IE-SW-PL16M-16TX, IE-SW-PL18M-2GC-16TX). The root cause is lack of authentication for a critical function, enabling an unauthenticated remote attacker to ...

CVE-2025-2407

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5...

CVE-2025-2407 Missing Authentication & Authorization in Web-API allows adversary unrestricted access

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5...

CVE-2025-2407 Missing Authentication & Authorization in Web-API allows adversary unrestricted access

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5...

CVE-2025-2407

CVE-2025-2407 affects Mobatime AMX MTAPI v6 Web-API on IIS. The issue is Missing Authentication & Authorization, allowing unauthenticated network access to the Web-API. Root cause: lack of access controls in the Web-API enables adversaries to reach functionality that should require authentication...

Mobatime AMX MTAPI 安全漏洞

Mobatime AMX MTAPI is a time recording and access control system from Mobatime, Inc. A security vulnerability exists in Mobatime AMX MTAPI version v6, which stems from a lack of authentication and authorization in the Web-API and could lead to unrestricted access to the network...

PT-2025-22972 · Mobatime · Mobatime Amx Mtapi

Name of the Vulnerable Software and Affected Versions: Mobatime AMX MTAPI v6 versions prior to 1.5 Description: The issue concerns Missing Authentication & Authorization in the Web-API of Mobatime AMX MTAPI v6 on IIS, allowing adversaries to gain unrestricted access via the network...

CVE-2025-40664

CVE-2025-40664 affects TCMAN GIM v11. A missing authentication vulnerability allows unauthenticated access to /frmGestionUser.aspx/GetData, /frmGestionUser.aspx/updateUser and /frmGestionUser.aspx/DeleteUser, potentially exposing or modifying user data. Exploitation status is not detailed in the ...

CVE-2024-47912

A vulnerability in the AWV Audio, Web, and Video Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to perform unauthorized data-access attacks due to missing authentication mechanisms. A successful exploit could allow an attacker to...

CVE-2024-39300

Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings...

CVE-2024-2076

A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file booking.php/owner.php/tenant.php. The manipulation leads to missing authentication. The attack may be launched remotely. Th...

CVE-2024-33622

Missing authentication for critical function vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, sensitive information may be obtained and/or the information stored in the database may be altered by a remote authenticated attacker...