CWE-1242
14 CVEs classified under CWE-1242. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-55050 | Critical | 9.8 | 2025-09-09 | CWE-1242: Inclusion of Undocumented Features |
CVE-2023-3634 | High | 8.8 | 2026-04-16 | In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead… |
CVE-2025-41756 | High | 8.1 | 2026-03-09 | A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the sys… |
CVE-2026-24714 | High | 7.5 | 2026-01-30 | Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box. |
CVE-2025-22450 | High | 7.5 | 2025-01-22 | Inclusion of undocumented features issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. A remote attacker may disable the LAN-side firewall function of… |
CVE-2024-52564 | High | 7.5 | 2024-12-05 | Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote… |
CVE-2024-54457 | High | 7.2 | 2024-12-18 | Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlie… |
CVE-2025-41754 | Medium | 6.5 | 2026-03-09 | A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to read arbitrary files on the syst… |
CVE-2024-2103 | Medium | 6.5 | 2024-04-04 | Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories… |
CVE-2021-4469 | | 2025-11-14 | Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the pri… | |
CVE-2025-12176 | | 2025-10-24 | Undocumented administrative accounts were getting created to facilitate access for applications running on board.This issue affects BLU-IC2: through 1.19.5; BL… | |
CVE-2017-20204 | | 2025-10-15 | DBLTek GoIP devices (models GoIP 1, 4, 8, 16, and 32) contain an undocumented vendor backdoor in the Telnet administrative interface that allows remote authent… | |
CVE-2025-52548 | | 2025-09-02 | E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist bu… | |
CVE-2024-7011 | | 2024-09-27 | Sharp NEC Projectors (NP-CB4500UL, NP-CB4500WL, NP-CB4700UL, NP-P525UL, NP-P525UL+, NP-P525ULG, NP-P525ULJL, NP-P525WL, NP-P525WL+, NP-P525WLG, NP-P525WLJL, NP… |