Fallos del tipo CWE-306
1717 resultadosCVE-2024-48773HIGHAn issue in WoFit v.7.2.3 allows a remote attacker to obtain sensitive information via the firmware update processEPSS 0.5%CVE-2024-48776HIGHAn issue in Shelly com.home.shelly 1.0.4 allows a remote attacker to obtain sensitive information via the firmware update processEPSS 0.5%CVE-2023-22101HIGHVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.5%CVE-2026-25071HIGHXikeStor SKS8310-8X switch_config.src Missing AuthenticationEPSS 0.5%CVE-2024-48775HIGHAn issue in Plug n Play Camera com.ezset.delaney 1.2.0 allows a remote attacker to obtain sensitive information via the firmware update procEPSS 0.5%CVE-2024-48777HIGHLEDVANCE com.ledvance.smartplus.eu 2.1.10 allows a remote attacker to obtain sensitive information via the firmware update process.EPSS 0.5%CVE-2025-41651CRITICALWeidmueller: Missing Authentication Vulnerability in Industrial Ethernet SwitchesEPSS 0.5%CVE-2025-15620CRITICALHiOS Switch Platform Denial-of-Service via Web InterfaceEPSS 0.5%CVE-2025-9994CRITICALAmp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not require authenticationEPSS 0.5%CVE-2025-3232HIGHMitsubishi Electric Europe smartRTU Missing Authentication for Critical FunctionEPSS 0.5%CVE-2022-41776HIGH
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to trigger the WriteConfiguration methoEPSS 0.5%CVE-2026-5724MEDIUMMissing Authentication on Streaming gRPC Replication EndpointEPSS 0.5%CVE-2025-45814CRITICALMissing authentication checks in the query.fcgi endpoint of NS3000 v8.1.1.125110 , v7.2.8.124852 , and v7.x and NS2000 v7.02.08 allows attacEPSS 0.5%CVE-2020-7479—A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 and prior using the service: IGSSupdate), EPSS 0.5%CVE-2024-45229MEDIUMThe Versa Director offers REST APIs for orchestration and management. By design, certain APIs, such as the login screen, banner display, andEPSS 0.5%CVE-2023-27259HIGHMissing Authentication In IDAttend’s IDWeb ApplicationEPSS 0.5%CVE-2024-12869MEDIUMImproper Authentication in infiniflow/ragflowEPSS 0.5%CVE-2022-24396—The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any authentication checks for functionalities that can be aEPSS 0.5%CVE-2023-27258HIGHMissing Authentication In IDAttend’s IDWeb ApplicationEPSS 0.5%CVE-2025-8284CRITICALPacket Power EMX and EG Missing Authentication for Critical FunctionEPSS 0.5%