Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-306
Total 801 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-25094 1 Brandexponents 1 Tatsu 2022-11-09 6.8 MEDIUM 8.1 HIGH
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. By adding a PHP shell with a filename starting with a dot ".", this can bypass extension control implemented in the plugin. Moreover, there is a race condition in the zip extraction process which makes the shell file live long enough on the filesystem to be callable by an attacker.
CVE-2022-30515 1 Zkteco 1 Biotime 2022-11-09 N/A 5.3 MEDIUM
ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration.
CVE-2022-38168 1 Avaya 4 Scopia Pathfinder 10 Pts, Scopia Pathfinder 10 Pts Firmware, Scopia Pathfinder 20 Pts and 1 more 2022-11-08 N/A 9.1 CRITICAL
** UNSUPPPORTED WHEN ASSIGNED **Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification.
CVE-2022-42473 1 Fortinet 1 Fortisoar 2022-11-03 N/A 5.5 MEDIUM
A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4.4 and 7.0.0 - 7.0.3 and 7.2.0 allows an attacker to disclose information via logging into the database using a privileged account without a password.
CVE-2022-2474 1 Haascnc 2 Haas Controller, Haas Controller Firmware 2022-11-02 N/A 8.0 HIGH
Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the “Ethernet Q Commands” service, which allows any user on the same network segment as the controller (even while connected remotely) to access the service and write unauthorized macros to the device.
CVE-2022-41688 1 Deltaww 1 Infrasuite Device Master 2022-11-02 N/A 7.5 HIGH
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. An attacker could provide malicious serialized objects that could run these functions without authentication to create a new user and add them to the administrator group.
CVE-2022-41776 1 Deltaww 1 Infrasuite Device Master 2022-11-02 N/A 7.5 HIGH
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to trigger the WriteConfiguration method, which could allow an attacker to provide new values for user configuration files such as UserListInfo.xml. This could lead to the changing of administrative passwords.
CVE-2022-41644 1 Deltaww 1 Infrasuite Device Master 2022-11-02 N/A 8.8 HIGH
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges.
CVE-2022-41629 1 Deltaww 1 Infrasuite Device Master 2022-11-02 N/A 9.1 CRITICAL
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an attacker to retrieve any file from the “RunningConfigs” directory. The attacker could then view and modify configuration files such as UserListInfo.xml, which would allow them to see existing administrative passwords.
CVE-2022-40202 1 Deltaww 1 Infrasuite Device Master 2022-11-02 N/A 9.8 CRITICAL
The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior lacks proper authentication. An attacker could provide malicious serialized objects which, when deserialized, could activate an opcode for a backup scheduling function without authentication. This function allows the user to designate all function arguments and the file to be executed. This could allow the attacker to start any new process and achieve remote code execution.
CVE-2022-3674 1 Sanitization Management System Project 1 Sanitization Management System 2022-10-28 N/A 9.8 CRITICAL
A vulnerability has been found in SourceCodester Sanitization Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authentication. The attack can be launched remotely. The identifier VDB-212017 was assigned to this vulnerability.
CVE-2021-36888 1 Blocksera 1 Image Hover Effects 2022-10-27 7.5 HIGH 9.8 CRITICAL
Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate (versions <= 9.6.1) WordPress plugin.
CVE-2021-37624 1 Freeswitch 1 Freeswitch 2022-10-27 5.0 MEDIUM 7.5 HIGH
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing. By default, SIP requests of the type MESSAGE (RFC 3428) are not authenticated in the affected versions of FreeSWITCH. MESSAGE requests are relayed to SIP user agents registered with the FreeSWITCH server without requiring any authentication. Although this behaviour can be changed by setting the `auth-messages` parameter to `true`, it is not the default setting. Abuse of this security issue allows attackers to send SIP MESSAGE messages to any SIP user agent that is registered with the server without requiring authentication. Additionally, since no authentication is required, chat messages can be spoofed to appear to come from trusted entities. Therefore, abuse can lead to spam and enable social engineering, phishing and similar attacks. This issue is patched in version 1.10.7. Maintainers recommend that this SIP message type is authenticated by default so that FreeSWITCH administrators do not need to be explicitly set the `auth-messages` parameter. When following such a recommendation, a new parameter can be introduced to explicitly disable authentication.
CVE-2021-38457 1 Auvesy 1 Versiondog 2022-10-27 7.5 HIGH 9.8 CRITICAL
The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication.
CVE-2021-38412 1 Digi 2 Portserver Ts 16, Portserver Ts 16 Firmware 2022-10-27 7.5 HIGH 9.8 CRITICAL
Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to achieve further control in.
CVE-2021-34621 1 Profilepress 1 Profilepress 2022-10-27 7.5 HIGH 9.8 CRITICAL
A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth.php file of the ProfilePress WordPress plugin made it possible for users to register on sites as an administrator. This issue affects versions 3.0.0 - 3.1.3. .
CVE-2021-33843 1 Fresenius-kabi 2 Agilia Sp Mc Wifi, Agilia Sp Mc Wifi Firmware 2022-10-27 5.0 MEDIUM 5.3 MEDIUM
Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values such as network settings.
CVE-2022-38870 1 Free5gc 1 Free5gc 2022-10-26 N/A 7.5 HIGH
Free5gc v3.2.1 is vulnerable to Information disclosure.
CVE-2022-37062 1 Flir 2 Flir Ax8, Flir Ax8 Firmware 2022-10-26 N/A 7.5 HIGH
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords.
CVE-2022-27623 1 Synology 1 Diskstation Manager 2022-10-26 N/A 9.1 CRITICAL
Missing authentication for critical function vulnerability in iSCSI management functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote attackers to read or write arbitrary files via unspecified vectors.