CVE-2021-22279

A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port...

Authentication flaw

A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port...

CVE-2021-22279 OmniCore RobotWare Missing Authentication Vulnerability

A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port...

CVE-2021-22279

The CVE-2021-22279 entry concerns RobotWare for the OmniCore robot controller, where a Missing Authentication vulnerability allows an attacker with access to the Connected Services Gateway Ethernet port to read and modify files on the robot controller. The issue is attributed to missing auth cont...

CVE-2021-42783

Missing Authentication for Critical Function vulnerability in debugpostset.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions...

CVE-2021-42783

Missing Authentication for Critical Function vulnerability in debugpostset.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions...

CVE-2021-42783

The CVE-2021-42783 issue affects the D-Link DWR-932C E1 firmware, where a Missing Authentication for Critical Function in debug_post_set.cgi enables an unauthenticated attacker to perform administrative actions. The vulnerability is documented with a high-severity CVSS score (3.1: 9.8; 2.0: 10.0)...

CVE-2021-42783 Missing Authentication in debug_post_set.cgi in D-Link DWR-932C E1 Firmware 1.0.0.4

Missing Authentication for Critical Function vulnerability in debugpostset.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions...

CVE-2021-39231 Missing authentication/authorization on internal RPC endpoints

In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration...

SAP NetWeaver Missing Authentication for Critical Function Vulnerability

SAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability allowing unauthenticated access to execute configuration tasks and create administrative users...

SAP Solution Manager Missing Authentication for Critical Function Vulnerability

SAP Solution Manager User Experience Monitoring contains a missing authentication for critical function vulnerability which results in complete compromise of all SMDAgents connected to the Solution Manager...

FreeSWITCH 1.10.5 SIP SUBSCRIBE Missing Authentication Exploit

FreeSWITCH does not authenticate SIP SUBSCRIBE requests by default - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-08-freeswitch-SIP-SUBSCRIBE-without-auth - Vendor Security Advisory:...

Siemens SIMATIC Process Historian

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Process Historian Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could enable the execution of...

Sophos HitmanPro 安全漏洞

Sophos HitmanPro is an excellent multi-engine cloud anti-virus scanner from Sophos UK.Sophos HitmanPro suffers from a security vulnerability that stems from a lack of authentication, access control, permission management and other security measures in the network system or product, which could be...

Mobile Industrial Robots Vehicles and MiR Fleet Software

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Mobile Industrial Robots MiR Equipment: MiR100, MiR200, MiR250, MiR500, MiR1000, MiR Fleet Vulnerabilities: Improper Access Control, Integer Overflow or Wraparound, Exposur...

CVE-2021-39879

Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor authentication...

UBUNTU-CVE-2021-39879

Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor authentication...

PT-2021-22725 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 7.11.0 and later Description: The issue is related to missing authentication in GitLab CE/EE, which allows an attacker with access to a victim's session to disable two-factor authentication. Recommendations: For GitLab...

GitLab Enterprise Edition 安全特征问题漏洞

GitLab Enterprise Edition is a content management system GitLab is a self-hosted Git version control system project repository application developed by GitLab, Inc. using Ruby on Rails. The program can be used to access the project's file content, commit history, bug list, etc.. A security...

VulnCheck KEV: CVE-2022-1388

F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services...