Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
Dingtian-DT-R002 3.1.276A Authentication Bypass
02.08.2022
Victor Hanna
Med.
EmbedThis GoAhead Web Server 5.1.1 Digest Authentication Capture Replay Nonce Reuse
07.10.2020
LiquidWorm
CVEMAP Search Results
CVE
Details
Description
2024-07-21
CVE-2024-38438
Updating...
D-Link - CWE-294: Authentication Bypass by Capture-replay
2024-06-13
CVE-2024-38284
Updating...
Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls.
2024-01-30
CVE-2023-6374
Updating...
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 all serial numbers allows a remote unauthenticated attacker to bypass authentication by capture-replay attack and illegally login to the affected module. As a result, the remote attacker who has logged in illegally may be able to disclose or tamper with the programs and parameters in the modules.
2023-09-03
CVE-2023-39373
Updating...
A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.
2023-06-19
CVE-2023-29158
Updating...
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.
2023-04-10
CVE-2023-27987
Updating...
In Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values. We recommend users upgrade the version of Linkis to version 1.3.2 And modify the default token value. You can refer to Token authorization[1] https://linkis.apache.org/docs/latest/auth/token https://linkis.apache.org/docs/latest/auth/token
2023-04-05
CVE-2023-1886
Updating...
Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
2023-03-21
CVE-2023-1537
Updating...
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
2023-01-31
CVE-2022-45789
Updating...
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure�?? Control Expert (All Versions), EcoStruxure�?? Process Expert (Version V2020 & prior), Modicon M340 CPU (part numbers BMXP34*) (All Versions), Modicon M580 CPU (part numbers BMEP* and BMEH*) (All Versions), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions)
2023-01-10
CVE-2023-0014
Updating...
SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguous format. This could lead to capture-replay vulnerability and may be exploited by malicious users to obtain illegitimate access to the system.
Copyright
2024
, cxsecurity.com
Back to Top