Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1096

1096 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-7308 SecGate3600 Firewall Information Disclosure via authManageSet.cgi — SecGate3600 Firewall 7.5AIHighAI2025-08-27
CVE-2025-30048 Unauthenticated access to module configuration endpoint — CGM CLININET 7.5AIHighAI2025-08-27
CVE-2025-30041 Missing authentication in APIs returning statistical data along with session IDs — CGM CLININET 7.5AIHighAI2025-08-27
CVE-2025-30040 Missing authentication in API returning request logs containing session IDs — CGM CLININET 5.3AIMediumAI2025-08-27
CVE-2025-30039 Missing authentication in API returning a list of all active sessions — CGM CLININET 9.8AICriticalAI2025-08-27
CVE-2025-30037 Missing authentication in APIs allowing data retrieval and modification — CGM CLININET 7.5AIHighAI2025-08-27
CVE-2025-53118 Securden Unified PAM Authentication Bypass — Unified PAM 9.8 Critical2025-08-25
CVE-2025-9254 Uniong|WebITR - Missing Authentication — WebITR 9.8 Critical2025-08-22
CVE-2025-47870 Team invite ID leaked to team admin with no member invite privileges — Mattermost 4.3 Medium2025-08-21
CVE-2025-8611 AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability — Cyber Backup 9.8 -2025-08-20
CVE-2025-8610 AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability — Cyber Backup 9.8 -2025-08-20
CVE-2025-41689 Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access — Motherbox 3 7.5 High2025-08-19
CVE-2025-7774 Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities — 5032-CFGB16M12P5DR 9.8AICriticalAI2025-08-14
CVE-2025-8754 ABB AbilityTM zenon Remote Transport Vulnerability — ABB AbilityTM zenon 7.5 High2025-08-13
CVE-2025-53789 Windows StateRepository API Server file Elevation of Privilege Vulnerability — Windows 10 Version 1507 7.8 High2025-08-12
CVE-2025-54864 Hydra missing authentication when triggering evaluations through GitHub and Gitea plugins — hydra 7.5AIHighAI2025-08-12
CVE-2025-41686 Improper File Permissions Allow Local Privilege Escalation — DaUM 7.8 High2025-08-12
CVE-2025-54478 Unauthenticated Channel Subscription Edit in Mattermost Confluence Plugin — Mattermost Confluence Plugin 7.2 High2025-08-11
CVE-2025-44004 Unauthenticated Channel Subscription Creation in Mattermost Confluence Plugin — Mattermost Confluence Plugin 7.2 High2025-08-11
CVE-2025-7679 Session ID Basic Auth Bypass — Aspect 8.1 High2025-08-11
CVE-2025-5095 Burk Technology ARC Solo Missing Authentication for Critical Function — ARC Solo 9.8 Critical2025-08-08
CVE-2025-8284 Packet Power EMX and EG Missing Authentication for Critical Function — EMX 9.8 Critical2025-08-08
CVE-2025-20702 Airoha Bluetooth audio SDK 安全漏洞 — AB156x, AB157x, AB158x, AB159x series, AB1627 9.8AICriticalAI2025-08-04
CVE-2025-20700 Airoha Bluetooth audio SDK 安全漏洞 — AB156x, AB157x, AB158x, AB159x series, AB1627 8.1AIHighAI2025-08-04
CVE-2025-8286 Güralp Systems FMUS Series and MIN Series Devices — Güralp FMUS Series 9.8AICriticalAI2025-07-31
CVE-2025-8279 Missing Authentication for Critical Function in GitLab Language Server — GitLab Language Server 8.7 High2025-07-28
CVE-2025-6260 Network Thermostat X-Series WiFi Thermostats Missing Authentication for Critical Function — X-Series WiFi thermostats 9.8 Critical2025-07-24
CVE-2016-15045 Deepin lastore-daemon Privilege Escalation via Unsigned .deb Installation — Deepin Linux 7.8 -2025-07-23
CVE-2022-4978 Steppschuh Remote Control Server 3.1.1.12 Unauthenticated RCE — Remote Control Collection Server 8.8 -2025-07-23
CVE-2025-48733 DuraComm DP-10iN-100-MU Missing Authentication for Critical Function — SPM-500 DP-10iN-100-MU 7.5 High2025-07-22

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1096 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.