Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1094

1094 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-65007 Missing Authentication for Critical Function in WODESYS WD-R608U router — WD-R608U 9.8AICriticalAI2025-12-18
CVE-2025-34434 AVideo < 20.1 ImageGallery Plugin Unauthenticated File Upload and Deletion — AVideo 9.1AICriticalAI2025-12-17
CVE-2023-53896 D-Link DAP-1325 Hardware A1 Unauthenticated Configuration Download — DAP-1325 7.5 High2025-12-16
CVE-2025-14567 haxxorsid Stock-Management-System employees missing authentication — Stock-Management-System 5.3 Medium2025-12-12
CVE-2025-12348 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task Execution — Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress 5.3 Medium2025-12-12
CVE-2025-67780 SpaceX Starlink Dish 安全漏洞 — Starlink Dish 4.2 Medium2025-12-11
CVE-2024-58300 Siklu MultiHaul TG Series < 2.0.0 Unauthenticated Credential Disclosure Vulnerability — MultiHaul TG series 9.8AICriticalAI2025-12-11
CVE-2020-36894 Eibiz i-Media Server Digital Signage 3.8.0 Unauthenticated User Creation Vulnerability — i-Media Server Digital Signage 9.8AICriticalAI2025-12-10
CVE-2020-36892 Eibiz i-Media Server Digital Signage 3.8.0 Unauthenticated Privilege Escalation — i-Media Server Digital Signage 9.8AICriticalAI2025-12-10
CVE-2025-13607 D-Link CCTV camera model DCS-F5614-L1 Missing Authentication for Critical Function — DCS-F5614-L1 9.4 Critical2025-12-10
CVE-2024-2104 JBL: Improper BLE security configurations and lack of authentication on the device's GATT server — LIVE PRO 2 TWS 8.8 High2025-12-10
CVE-2023-53774 MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Code Execution — Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit 9.8AICriticalAI2025-12-09
CVE-2023-53773 MiniDVBLinux 5.4 Unauthenticated Live Stream Disclosure via tv_action.sh — MiniDVBLinux 6.5AIMediumAI2025-12-09
CVE-2023-53771 MiniDVBLinux 5.4 Unauthenticated Root Password Change via System Setup — MiniDVBLinux Change Root Password PoC 9.8AICriticalAI2025-12-09
CVE-2021-47731 Selea Targa IP Camera Developer Backdoor Configuration Overwrite — Selea Targa IP OCR-ANPR Camera 9.8AICriticalAI2025-12-09
CVE-2021-47727 Selea Targa IP Camera Unauthenticated Stream Disclosure — Selea Targa IP OCR-ANPR Camera 7.5AIHighAI2025-12-09
CVE-2021-47710 COMMAX Smart Home Ruvie CCTV Bridge DVR Service RTSP Credentials Disclosure — Smart Home Ruvie CCTV Bridge DVR Service 7.5AIHighAI2025-12-09
CVE-2021-47709 COMMAX Smart Home Ruvie CCTV Bridge DVR Service Config Write / DoS — Smart Home Ruvie CCTV Bridge DVR Service 9.1AICriticalAI2025-12-09
CVE-2025-59516 Windows Storage VSP Driver Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2025-12-09
CVE-2025-12941 Denial of Service Vulnerability in NETGEAR C6220 and C6230 — C6220 5.5AIMediumAI2025-12-09
CVE-2025-42875 Missing Authentication check in SAP NetWeaver Internet Communication Framework — SAP NetWeaver Internet Communication Framework 6.6 Medium2025-12-09
CVE-2025-27020 Improper configuration of SSH service in Infinera MTC-9 — MTC-9 9.8 Critical2025-12-08
CVE-2025-27019 Remote shell service (RSH) in Infinera MTC-9 — MTC-9 9.8 Critical2025-12-08
CVE-2025-66555 AirKeyboard iOS App 1.0.5 - Remote Input Injection — AirKeyboard iOS App 9.8AICriticalAI2025-12-04
CVE-2025-27935 Authentication Bypass in OTP (One-time Passcode) IdP Adapter Integration Kit — One-Time Passcode Integration Kit for PingFederate 7.5AIHighAI2025-12-04
CVE-2025-54158 Synology BeeDrive 访问控制错误漏洞 — BeeDrive for desktop 7.8 High2025-12-04
CVE-2025-13510 Iskra iHUB and iHUB Lite has a Missing Authentication for Critical Function vulnerabilitiy — iHUB and iHUB Lite 9.1AICriticalAI2025-12-02
CVE-2025-13870 Unauthorized access and subscription vulnerability in Boards — Mattermost 3.1 Low2025-12-02
CVE-2024-49572 Socomec DIRIS Digiware M-70 安全漏洞 — DIRIS Digiware M-70 7.2 High2025-12-01
CVE-2024-48882 Socomec DIRIS Digiware M-70 安全漏洞 — DIRIS Digiware M-70 8.6 High2025-12-01

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1094 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.