Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1097

1097 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-13870 Unauthorized access and subscription vulnerability in Boards — Mattermost 3.1 Low2025-12-02
CVE-2024-49572 Socomec DIRIS Digiware M-70 安全漏洞 — DIRIS Digiware M-70 7.2 High2025-12-01
CVE-2024-48882 Socomec DIRIS Digiware M-70 安全漏洞 — DIRIS Digiware M-70 8.6 High2025-12-01
CVE-2025-20085 Socomec DIRIS Digiware M-70 安全漏洞 — DIRIS Digiware M-70 7.2 High2025-12-01
CVE-2025-23417 Socomec DIRIS Digiware M-70 安全漏洞 — DIRIS Digiware M-70 8.6 High2025-12-01
CVE-2025-54849 Socomec DIRIS Digiware M-70 访问控制错误漏洞 — DIRIS Digiware M-70 7.5 High2025-12-01
CVE-2025-54850 Socomec DIRIS Digiware M-70 访问控制错误漏洞 — DIRIS Digiware M-70 7.5 High2025-12-01
CVE-2025-54848 Socomec DIRIS Digiware M-70 访问控制错误漏洞 — DIRIS Digiware M-70 7.5 High2025-12-01
CVE-2025-54851 Socomec DIRIS Digiware M-70 访问控制错误漏洞 — DIRIS Digiware M-70 7.5 High2025-12-01
CVE-2025-55222 Socomec DIRIS Digiware M-70 访问控制错误漏洞 — DIRIS Digiware M-70 8.6 High2025-12-01
CVE-2025-55221 Socomec DIRIS Digiware M-70 访问控制错误漏洞 — DIRIS Digiware M-70 8.6 High2025-12-01
CVE-2019-25227 Tellion HN-2204AP Unauthenticated Configuration Disclosure — HN-2204AP Router 9.8AICriticalAI2025-11-26
CVE-2020-36871 ESCAM QD-900 Unauthenticated Configuration Disclosure — QD-900 WIFI HD Camera 9.1AICriticalAI2025-11-26
CVE-2019-25226 Dongyoung Media DM-AP240T/W Unauthenticated Configuration Disclosure — DM-AP240T/W Wireless Access Point 9.8AICriticalAI2025-11-26
CVE-2020-36873 Astak CM-818T3 Unauthenticated Configuration Disclosure — CM-818T3 2.4GHz Wireless Security Surveillance Camera 9.1AICriticalAI2025-11-26
CVE-2020-36874 ACE SECURITY WIP-90113 Unauthenticated Configuration Disclosure — WIP-90113 HD Camera 9.1AICriticalAI2025-11-26
CVE-2025-13483 Missing Authentication for Critical Function in SiRcom SMART Alert (SiSA) — SMART Alert (SiSA 9.4AICriticalAI2025-11-25
CVE-2025-12003 ASUS Router 安全漏洞 — Router 9.1AICriticalAI2025-11-25
CVE-2024-14007 TVT NVMS-9000 < 1.3.4 Unauthenticated Administrative Queries & Information Disclosure — NVMS-9000 9.8AICriticalAI2025-11-24
CVE-2025-11771 Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO <= 2.4.7 - Missing Authentication to Unauthenticated Presale Update — Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO 5.3 Medium2025-11-21
CVE-2025-62674 Missing Authentication for RTSP in iCam Cameras — P201 6.8 Medium2025-11-20
CVE-2025-64770 Missing Authentication for ONVIF in iCam Cameras — P201 6.8 Medium2025-11-20
CVE-2025-34331 AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated File Read via download.php — AudioCodes Fax/IVR Appliance 7.5AIHighAI2025-11-19
CVE-2025-12349 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Mailing Queue Trigger — Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress 5.3 Medium2025-11-19
CVE-2025-9312 Improper Certificate-Based Authentication Enforcement in Multiple WSO2 Products — WSO2 API Manager 9.8 Critical2025-11-18
CVE-2025-64307 Brightpick Mission Control / Internal Logic Control Missing Authentication for Critical Function — Brightpick Mission Control / Internal Logic Control 6.5 Medium2025-11-14
CVE-2025-59780 General Industrial Controls Lynx+ Gateway Missing Authentication for Critical Function — Lynx+ Gateway 7.5 High2025-11-14
CVE-2025-58083 General Industrial Controls Lynx+ Gateway Missing Authentication for Critical Function — Lynx+ Gateway 10.0 Critical2025-11-14
CVE-2021-4469 Denver SHO-110 IP Camera Unauthenticated Snapshot Access — SHO-110 7.5 -2025-11-14
CVE-2021-4468 PLANEX CS-QP50F-ING2 Smart Camera Remote Configuration Disclosure — CS-QP50F-ING2 9.8 -2025-11-14

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1097 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.