CVE-2024-25995
CVE-2024-25995 involves PHOENIX CONTACT CHARX SEC-3000 (CHARX Series) AC charge controllers. The root cause is an input-validation/authentication flaw in critical functions, allowing an unauthenticated attacker to modify configurations and trigger remote code execution. Affected product versions ...
CVE-2024-25995 PHOENIX CONTACT: Remote code execution in CHARX Series
An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform a DoS due to improper input validation...
TPC-110W Missing Authentication
#include #include #include #include #include #include int main(int argc, char *argv[]) { int sock; struct sockaddr_in servaddr; char command[512]; sock = socket(AF_INET, SOCK_STREAM, 0); if (sock < 0) { perror("socket"); exit(1); } memset(&servaddr, '0', sizeof(servaddr)); servaddr.sin_family = AF_INET; servaddr.sin_port = htons(8888); ...
TPC-110W - Missing Authentication for Critical Function
#include #include #include #include #include #include int main(int argc, char *argv[]) { int sock; struct sockaddr_in servaddr; char command[512]; sock = socket(AF_INET, SOCK_STREAM, 0); if (sock < 0) { perror("socket"); exit(1); } memset(&servaddr, '0', sizeof(servaddr)); servaddr.sin_family = AF_INET; servaddr.sin_port = htons(8888); ...
CVE-2024-2076 CodeAstro House Rental Management System tenant.php missing authentication
A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file booking.php/owner.php/tenant.php. The manipulation leads to missing authentication. The attack may be launched remotely. Th...
House Rental Management System Security Vulnerability
House Rental Management System is a house rental management system by Carlo Montero Personal Developer. A security vulnerability exists in House Rental Management System version 1.0, which stems from an unknown function in booking.php/owner.php/tenant.php that results in missing authentication...
CVE-2022-48621
Vulnerability of missing authentication for critical functions in the Wi-Fi module. Successful exploitation of this vulnerability may affect service confidentiality...
The vulnerabilities of microprogramming software in FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi systems allow an intruder to gain unauthorized access to protected information, execute arbitrary code, and gain full control over the device.
The vulnerability of the microprogramming software in FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi systems is related to the absence of authentication procedures for critical functions. Exploiting this vulnerability could allow an attacker to gain unauthorized...
CVE-2023-49115 MachineSense FeverWarn Missing Authentication for Critical Function
MachineSense devices use unauthenticated MQTT messaging to monitor devices and to let users view sensor data remotely...
CVE-2023-49617 MachineSense FeverWarn Missing Authentication for Critical Function
The MachineSense application programmable interface (API) is improperly protected and can be accessed without authentication. A remote attacker could retrieve and modify sensitive information without any authentication...
CVE-2024-22449
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contain a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access...
Authentication Bypass
Lobe Chat is vulnerable to Authentication Bypass. The vulnerability is caused by missing authentication checks within route.ts when the application is deployed password-protected with the ACCESS_CODE option. This allows an attacker to access plugins without proper authorization...
Omron CS/CJ Series Missing Authentication For Critical Function (CVE-2022-45794)
Omron CS/CJ series programmable logic controllers are missing authentication for the file system. This could allow an attacker to access the file system via memory card or EM file memory and obtain all available sensitive information. This plugin only works with Tenable.ot. Please visit...
CVE-2023-6942
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1 (GOT1000) versions 1.325P and prior, GT Designer3 Version1 (GOT2000) versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106...
Mitsubishi Electric FA Engineering Software Products (Update D)
1. EXECUTIVE SUMMARY. CVSS v3 9.8. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Mitsubishi Electric. Equipment: EZSocket, FR Configurator2, GT Designer3 Version1 (GOT1000), GT Designer3 Version1 (GOT2000), GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, MX...
CVE-2024-21619
CVE-2024-21619 describes a vulnerability in Juniper Networks Junos OS on SRX and EX series where an unauthenticated attacker can access sensitive configuration information via the J-Web interface. The root cause is a Missing Authentication for a Critical Function combined with a Generation of Err...
MachineSense FeverWarn
1. EXECUTIVE SUMMARY. CVSS v3 10.0. ATTENTION: Exploitable remotely/low attack complexity. Vendor: MachineSense LLC. Equipment: MachineSense FeverWarn. Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials, Improper Access Control, OS Command...