Common Weakness Enumeration

CWE-1242

Allowed

Inclusion of Undocumented Features or Chicken Bits

Abstraction: Base · Status: Incomplete

The device includes chicken bits or undocumented features that can create entry points for unauthorized actors.

27 vulnerabilities reference this CWE, most recent first.

GHSA-J6M3-M3QR-P3PM

Vulnerability from github – Published: 2025-09-09 21:30 – Updated: 2025-09-09 21:30
VLAI
Details

CWE-1242: Inclusion of Undocumented Features

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-55050"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1242"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-09T19:15:54Z",
    "severity": "CRITICAL"
  },
  "details": "CWE-1242: Inclusion of Undocumented Features",
  "id": "GHSA-j6m3-m3qr-p3pm",
  "modified": "2025-09-09T21:30:27Z",
  "published": "2025-09-09T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55050"
    },
    {
      "type": "WEB",
      "url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JF99-74QP-89MX

Vulnerability from github – Published: 2026-01-30 06:30 – Updated: 2026-01-30 06:30
VLAI
Details

Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-24714"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1242"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-30T05:16:33Z",
    "severity": "HIGH"
  },
  "details": "Some end of service NETGEAR products provide \"TelnetEnable\" functionality, which allows a magic packet to activate telnet service on the box.",
  "id": "GHSA-jf99-74qp-89mx",
  "modified": "2026-01-30T06:30:15Z",
  "published": "2026-01-30T06:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24714"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN46722282"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/about/eos"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-PF3M-QW97-HPVM

Vulnerability from github – Published: 2025-10-01 18:30 – Updated: 2025-10-01 18:30
VLAI
Details

E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the underlying OS.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-52548"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1242"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-02T12:15:37Z",
    "severity": "MODERATE"
  },
  "details": "E3 Site Supervisor Control (firmware version \u003c 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the underlying OS.",
  "id": "GHSA-pf3m-qw97-hpvm",
  "modified": "2025-10-01T18:30:38Z",
  "published": "2025-10-01T18:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52548"
    },
    {
      "type": "WEB",
      "url": "https://www.armis.com/research/frostbyte10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-PJ28-H6VH-G59W

Vulnerability from github – Published: 2025-10-24 18:31 – Updated: 2025-11-10 15:31
VLAI
Details

Undocumented administrative accounts were getting created to facilitate access for applications running on board.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-12176"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1242"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-24T16:15:36Z",
    "severity": "CRITICAL"
  },
  "details": "Undocumented administrative accounts were getting created to facilitate access for applications running on board.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.",
  "id": "GHSA-pj28-h6vh-g59w",
  "modified": "2025-11-10T15:31:02Z",
  "published": "2025-10-24T18:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12176"
    },
    {
      "type": "WEB",
      "url": "https://azure-access.com/security-advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-R596-GGC2-8M6G

Vulnerability from github – Published: 2024-04-04 18:30 – Updated: 2024-04-04 18:30
VLAI
Details

Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay

. See product instruction manual appendix A dated 20240308 for more details regarding the SEL-751 Feeder Protection Relay. For more information for the other affected products, see their instruction manuals dated 20240329.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-2103"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1242"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-04T16:15:08Z",
    "severity": "MODERATE"
  },
  "details": "\nInclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably:\nSEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay\n\n. See product instruction manual appendix A dated 20240308 for more details regarding the SEL-751 Feeder Protection Relay. For more information for the other affected products, see their instruction manuals dated 20240329.\n\n",
  "id": "GHSA-r596-ggc2-8m6g",
  "modified": "2024-04-04T18:30:33Z",
  "published": "2024-04-04T18:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2103"
    },
    {
      "type": "WEB",
      "url": "https://selinc.com/support/security-notifications/external-reports"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VQFP-5PRQ-MXXW

Vulnerability from github – Published: 2026-03-09 09:30 – Updated: 2026-03-09 09:30
VLAI
Details

A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to read arbitrary files on the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-41754"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1242"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-09T09:15:58Z",
    "severity": "MODERATE"
  },
  "details": "A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to read arbitrary files on the system.",
  "id": "GHSA-vqfp-5prq-mxxw",
  "modified": "2026-03-09T09:30:30Z",
  "published": "2026-03-09T09:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41754"
    },
    {
      "type": "WEB",
      "url": "https://www.mbs-solutions.de/mbs-2025-0001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X9HR-JX5X-V454

Vulnerability from github – Published: 2024-12-18 09:31 – Updated: 2024-12-18 09:31
VLAI
Details

Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to enable telnet service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-54457"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1242"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-18T07:15:08Z",
    "severity": "HIGH"
  },
  "details": "Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to enable telnet service.",
  "id": "GHSA-x9hr-jx5x-v454",
  "modified": "2024-12-18T09:31:35Z",
  "published": "2024-12-18T09:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54457"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU91084137"
    },
    {
      "type": "WEB",
      "url": "https://www.fxc.jp/news/20241213"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

The implementation of chicken bits in a released product is highly discouraged. If implemented at all, ensure that they are disabled in production devices. All interfaces to a device should be documented.

CAPEC-212: Functionality Misuse

An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact. The system functionality is not altered or modified but used in a way that was not intended. This is often accomplished through the overuse of a specific functionality or by leveraging functionality with design flaws that enables the adversary to gain access to unauthorized, sensitive data.

CAPEC-36: Using Unpublished Interfaces or Functionality

An adversary searches for and invokes interfaces or functionality that the target system designers did not intend to be publicly available. If interfaces fail to authenticate requests, the attacker may be able to invoke functionality they are not authorized for.