CVE-2026-1410

CVE-2026-1410 affects Beetel 777VR1 (firmware up to 01.00.09/01.00.09_55). The vulnerability is in an unknown function of the UART Interface, leading to missing authentication. Reports describe a physical-device attack feasible with high complexity and no required privileges or user interaction. ...

PT-2026-4680

A vulnerability was detected in Beetel 777VR1 up to 01.00.09/01.00.09 55. Impacted is an unknown function of the component UART Interface. The manipulation results in missing authentication. An attack on the physical device is feasible. This attack is characterized by high complexity. The...

CVE-2026-1364

IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly operate system administrative functionalities...

CVE-2025-14843 Wizit Gateway for WooCommerce <= 1.2.9 - Missing Authentication to Unauthenticated Arbitrary Order Cancellation

The Wizit Gateway for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Order Cancellation in all versions up to, and including, 1.2.9. This is due to a lack of authentication and authorization checks in the 'handlecheckoutredirecturlresponse' function. This makes it...

CVE-2026-1332

MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access specific API functions and obtain meeting-related information...

CVE-2026-1364

IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly operate system administrative functionalities...

CVE-2026-1364

IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly operate system administrative functionalities...

CVE-2026-1364 JNC｜IAQS and I6 - Missing Authentication

IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly operate system administrative functionalities...

CVE-2026-1364

CVE-2026-1364 affects IAQS and I6 developed by JNC, with a Missing Authentication vulnerability that allows unauthenticated remote attackers to directly operate system administrative functionalities. The issue is labeled as CRITICAL (CVSS v4.0: AV:N/AC:L/AT:N/PR:N/UI:N/V C:H/I:H/A:H; base score 9...

CVE-2026-1364 JNC｜IAQS and I6 - Missing Authentication

IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly operate system administrative functionalities...

CVE-2026-0778

Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this...

CVE-2026-0778 Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability

Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this...

CVE-2026-0778

CVE-2026-0778 concerns Enel X JuiceBox 40 Telnet service. The Telnet daemon, listening on TCP 2000, lacks authentication before allowing remote connections, enabling network-adjacent attackers to execute arbitrary code with the service account context. Documents from ZDI, Red Hat, NVD, CVE listin...

PT-2026-4343

Name of the Vulnerable Software and Affected Versions IAQS and I6 affected versions not specified Description A missing authentication issue exists in IAQS and I6 developed by JNC. This allows unauthenticated remote attackers to directly operate system administrative functionalities...

CVE-2025-54816

This vulnerability occurs when a WebSocket endpoint does not enforce proper authentication mechanisms, allowing unauthorized users to establish connections. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that n...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the lack of JWT authentication middleware and RBAC authorization checks in the routing configuration for /api/v1/jobs endpoint. An attacker can view, update, and delete jobs by sending...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the lack of JWT authentication middleware and RBAC authorization checks in the routing configuration for /api/v1/jobs endpoint. An attacker can view, update, and delete jobs by sending...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the lack of JWT authentication middleware and RBAC authorization checks in the routing configuration for /api/v1/jobs endpoint. An attacker can view, update, and delete jobs by sending...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the lack of JWT authentication middleware and RBAC authorization checks in the routing configuration for /api/v1/jobs endpoint. An attacker can view, update, and delete jobs by sending...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the lack of JWT authentication middleware and RBAC authorization checks in the routing configuration for /api/v1/jobs endpoint. An attacker can view, update, and delete jobs by sending...