CWE-1242
12 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1242page 1 of 1
- CVE-2017-20204CRITICALCVSS 9.3EG 0.02025-10-15
DBLTek GoIP devices (models GoIP 1, 4, 8, 16, and 32) contain an undocumented vendor backdoor in the Telnet administrative interface that allows remote authentication as an undocumented user via a proprietary challenge–response scheme wh…
- CVE-2021-4469HIGHCVSS 8.7EG 0.02025-11-14
Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the primary web interface on port 80 enforces authentication, the backdoor service allo…
- CVE-2023-3634HIGHCVSS 8.8EG 8.82026-04-16
In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability.
- CVE-2024-2103MEDIUMCVSS 6.5EG 6.52024-04-04
Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Trans…
- CVE-2024-52564HIGHCVSS 7.5EG 7.52024-12-05
Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a resul…
- CVE-2024-54457HIGHCVSS 7.2EG 7.22024-12-18
Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to enable telnet service.
- CVE-2024-7011MEDIUMCVSS 6.5EG 6.52024-09-27
Sharp NEC Projectors (NP-CB4500UL, NP-CB4500WL, NP-CB4700UL, NP-P525UL, NP-P525UL+, NP-P525ULG, NP-P525ULJL, NP-P525WL, NP-P525WL+, NP-P525WLG, NP-P525WLJL, NP-CG6500UL, NP-CG6500WL, NP-CG6700UL, NP-P605UL, NP-P605UL+, NP-P605ULG, NP-P605U…
- CVE-2025-12176CRITICALCVSS 9.8EG 9.82025-10-24
Undocumented administrative accounts were getting created to facilitate access for applications running on board.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
- CVE-2025-22450HIGHCVSS 7.5EG 7.52025-01-22
Inclusion of undocumented features issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. A remote attacker may disable the LAN-side firewall function of the affected products, and open specific ports.
- CVE-2025-52548MEDIUMCVSS 4.9EG 4.92025-09-02
E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application serv…
- CVE-2025-55050CRITICALCVSS 9.8EG 9.82025-09-09
CWE-1242: Inclusion of Undocumented Features
- CVE-2026-24714HIGHCVSS 7.5EG 7.52026-01-30
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.
Map vulnerabilities like CWE-1242 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1242 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →