Authentication Bypass Using an Alternate Path or ChannelCWE-288
| CVE ID | CVSS | Vendor | Exploit | Patch | Trends |
|---|---|---|---|---|---|
CVE-2024-9989The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. This is due a to limited arbitrary method call to 'crypto_connect_ajax_process::log_in' function in the 'crypto_connect_ajax_process' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username. | CVSS 9.8 | Wordpress, et al | - | - |  |
CVE-2024-9988The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. This is due to missing validation on the user being supplied in the 'crypto_connect_ajax_process::register' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username. | CVSS 9.8 | Wordpress, et al | - | - |  |
CVE-2024-9933The WatchTowerHQ plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.6. This is due to the 'watchtower_ota_token' default value is empty, and the not empty check is missing in the 'Password_Less_Access::login' function. This makes it possible for unauthenticated attackers to log in to the WatchTowerHQ client administrator user. | CVSS 9.8 | Wordpress, et al | - | - |  |
CVE-2024-9931The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0. This is due to missing validation on the token being supplied during the autologin through the plugin. This makes it possible for unauthenticated attackers to log in to the first administrator user. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-9930The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verify_email' action. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator. The vulnerability is in the Account extension. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-9893The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.1.14. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email and the user does not have an already-existing account for the service returning the token. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-9890The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.3. This is due to an improper capability check in the 'switchUser' function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator. | CVSS 8.8 | Wordpress | - | - |  |
CVE-2024-9861The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.6.0. This is due to missing validation on the token being supplied during the otp login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the phone number associated with that user. | CVSS 8.1 | Miniorange, et al | - | - |  |
CVE-2024-9822The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'login_admin_user' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the administrator, or if it does not exist, then to the first administrator. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-9522The WP Users Masquerade plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.0. This is due to incorrect authentication and capability checking in the 'ajax_masq_login' function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator. | CVSS 8.8 | Wordpress | - | - |  |
CVE-2024-9501The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.0.7. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email and the user does not have an already-existing account for the service returning the token. | CVSS 9.8 | Wpmet, et al | - | - |  |
CVE-2024-9488The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.6.24. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email and the user does not have an already-existing account for the service returning the token. | CVSS 9.8 | Gvectors, et al | - | Patched |  |
CVE-2024-9289The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 8.4.1. This is due to the rtwwwap_login_request_callback() function not properly validating a user's identity prior to authenticating them to the site. This makes it possible for unauthenticated attackers to log in as any user, including administrators, granted they have access to the administrator's email. | CVSS 9.8 | Redefiningtheweb, et al | - | - |  |
CVE-2024-9106The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during the social login. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. This is only exploitable if the app secret is not set, so it has a default empty value. | CVSS 9.8 | Wordpress, et al | - | - |  |
CVE-2024-9105The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.8.3. This is due to insufficient verification on the user being supplied in the 'ultimate_ai_register_or_login_with_google' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-8943The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.0.12. This is due to insufficient verification on the user being supplied during the booking customer step. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. Note that logging in as a WordPress user is only possible if the "Use WordPress users as customers" setting is enabled, which is disabled by default. The vulnerability is partially patched in version 5.0.12 and fully patched in version 5.0.13. | CVSS 9.8 | Latepoint, et al | - | - |  |
CVE-2024-8277The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not properly validating what user transient is being used in the login() function and not properly verifying the user's identity. This makes it possible for unauthenticated attackers to log in as user that has dismissed an admin notice in the past 30 days, which is often an administrator. Alternatively, a user can log in as any user with any transient that has a valid user_id as the value, though it would be more difficult to exploit this successfully. | CVSS 9.8 | Wordpress, et al | Exploit | - |  |
CVE-2024-8012An authentication bypass weakness in the message broker service of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. | CVSS 7.8 | Ivanti | - | Patched |  |
CVE-2024-7781The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.7.5. This is due to improper authentication via the Social Login widget. This makes it possible for unauthenticated attackers to log in as the first user to have logged in with a social media account, including administrator accounts. Attackers can exploit the vulnerability even if the Social Login element has been disabled, as long as it was previously enabled and used. The vulnerability was partially patched in version 4.7.5, and fully patched in version 4.7.8. | CVSS 9.8 | Artbees, et al | - | Patched |  |
CVE-2024-7628The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.15.2. This is due to the use of loose comparison in the 'verify_id_token' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to an @flutter.io email address or phone number. This also requires firebase to be configured on the website and the user to have set up firebase for their account. | CVSS 8.1 | Wordpress | - | - |  |
CVE-2024-7503The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.5. This is due to the use of loose comparison of the activation code in the 'woo_slg_confirm_email_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the userID. This requires the email module to be enabled. | CVSS 9.8 | Wordpress, et al | - | - |  |
CVE-2024-7350The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin not properly verifying a user's identity prior to logging them in when completing a booking. This makes it possible for unauthenticated attackers to log in as registered users, including administrators, if they have access to that user's email. This is only exploitable when the 'Auto login user after successful booking' setting is enabled. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-7125Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01. | CVSS 7.8 | Hitachi | - | - |  |
CVE-2024-7027The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.9.3. This is due to insufficient verification on the user being supplied during a QR code login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing Voucher Vendor user on the site, if they have access to the user id. | CVSS 7.3 | Wordpress, et al | - | - |  |
CVE-2024-7007Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass exploit that could allow an attacker to have unauthorized access to protected areas of the application. | CVSS 9.8 | Positron | - | - |  |
CVE-2024-6684Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom Nova Panel N7 allows Authentication Bypass.This issue affects inohom Nova Panel N7: through 1.9.9.6. NOTE: The vendor was contacted and it was learned that the product is not supported. | CVSS Low | - | - |  | |
CVE-2024-6635The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.3. This is due to insufficient controls in the 'woo_slg_login_email' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, excluding an administrator, if they know the email of user. | CVSS 7.3 | Wordpress, et al | - | - |  |
CVE-2024-5620Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics Apinizer Management Console allows Authentication Bypass.This issue affects Apinizer Management Console: before 2024.05.1. | CVSS 6.5 | - | - |  | |
CVE-2024-5322The N-central server is vulnerable to session rebinding of already authenticated users when using Entra SSO, which can lead to authentication bypass.
This vulnerability is present in all Entra-supported deployments of N-central prior to 2024.3. | CVSS 9.1 | N-able | - | - |  |
CVE-2024-50503Authentication Bypass Using an Alternate Path or Channel vulnerability in Deryck Oñate User Toolkit allows Authentication Bypass.This issue affects User Toolkit: from n/a through 1.2.3. | CVSS 9.8 | Jonathonkemp | - | - |  |
CVE-2024-50489Authentication Bypass Using an Alternate Path or Channel vulnerability in Realty Workstation allows Authentication Bypass.This issue affects Realty Workstation: from n/a through 1.0.45. | CVSS 9.8 | Realty workstation | - | - |  |
CVE-2024-50488Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3. | CVSS 8.8 | Wordpress | - | - |  |
CVE-2024-50487Authentication Bypass Using an Alternate Path or Channel vulnerability in MaanTheme MaanStore API allows Authentication Bypass.This issue affects MaanStore API: from n/a through 1.0.1. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-50486Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a through 1.0.5. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-50477Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-50334Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT requests on the /api;/config endpoint while setting the Content-Type: application/hocon header allow unauthenticated attackers to file reading via HOCON file inclusion. This allows attackers to retrieve sensitive information such as configuration files from the server, which can be leveraged for further exploitation. The vulnerability has been fixed in Scoold 1.64.0. A workaround would be to disable the Scoold API with scoold.api_enabled = false. | CVSS 5.3 | Erudika | - | Patched |  |
CVE-2024-49675Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii Bryl iBryl Switch User allows Authentication Bypass.This issue affects iBryl Switch User: from n/a through 1.0.1. | CVSS 8.8 | Wordpress | - | - |  |
CVE-2024-49604Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple User Registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through 5.5. | CVSS 9.8 | Wordpress, et al | - | - |  |
CVE-2024-49328Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through 1.0.0. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-49247: Authentication Bypass Using an Alternate Path or Channel vulnerability in sooskriszta, webforza BuddyPress Better Registration allows : Authentication Bypass.This issue affects BuddyPress Better Registration: from n/a through 1.6. | CVSS 9.8 | Buddypress | - | - |  |
CVE-2024-47574A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages. | CVSS 7.8 | Fortinet | - | - |  |
CVE-2024-47406Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability. | CVSS 9.1 | Toshibatec | - | - |  |
CVE-2024-47010Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication. | CVSS 9.8 | Ivanti | - | Patched |  |
CVE-2024-47009Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication. | CVSS 9.8 | Ivanti | - | Patched |  |
CVE-2024-46887The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load. | CVSS 5.3 | Siemens | - | - |  |
CVE-2024-43692An attacker can directly request the ProGauge MAGLINK LX CONSOLE
resource sub page with full privileges by requesting the URL directly. | CVSS 9.8 | Doverfuelingsolutions | - | - |  |
CVE-2024-41173The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication bypass by a low privileged attacker. | CVSS 7.8 | Beckhoff | - | - |  |
CVE-2024-39309This vulnerability allows remote attackers to bypass authentication on affected installations of Parse Server. Authentication is not required to exploit this vulnerability.<br/>The specific flaw exists within the literalizeRegexPart function. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to bypass authentication on the system.<br/> Parse has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://github.com/parse-community/parse-server/security/advisories/GHSA-c2hr-cqg6-8j6r">https://github.com/parse-community/parse-server/security/advisories/GHSA-c2hr-cqg6-8j6r</a> <br/></td> | CVSS 9.8 | Parseplatform | Exploit | Patched |  |
CVE-2024-38437D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel | CVSS 9.8 | Dlink | - | - |  |
CVE-2024-38394Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules and filesystem implementations. NOTE: the GSD supplier indicates that consideration of a mitigation for this within GSD would be in the context of "a new feature, not a CVE." | CVSS 4.3 | - | Patched |  | |
CVE-2024-38279The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes. | CVSS 4.6 | Motorola | - | - |  |
CVE-2024-37893Firefly III is a free and open source personal finance manager. In affected versions an MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to Firefly III data using passwords stolen from other sources. As OAuth applications are easily enumerable using an incrementing id, an attacker could try sign an OAuth application up to a users profile quite easily if they have created one. The attacker would also need to know the victims username and password. This problem has been patched in Firefly III v6.1.17 and up. Users are advised to upgrade. Users unable to upgrade should Use a unique password for their Firefly III instance and store their password securely, i.e. in a password manager. | CVSS 5.9 | Firefly-iii | - | Patched |  |
CVE-2024-36470In JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 authentication bypass was possible in specific edge cases | CVSS 8.1 | Jetbrains | - | - |  |
CVE-2024-36042Silverpeas before 6.3.5 allows authentication bypass by omitting the Password field to AuthenticationServlet, often providing an unauthenticated user with superadmin access. | CVSS 9.8 | Silverpeas | - | Patched |  |
CVE-2024-35214A tampering vulnerability in the CylanceOPTICS Windows Installer Package of CylanceOPTICS for Windows version 3.2 and 3.3 could allow an attacker to potentially uninstall CylanceOPTICS from a system thereby leaving it with only the protection of CylancePROTECT. | CVSS Low | Cylance | - | - |  |
CVE-2024-35151IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs. | CVSS 6.5 | Ibm | - | Patched |  |
CVE-2024-35124A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674. | CVSS 7.5 | Ibm | - | Patched |  |
CVE-2024-3496This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Toshiba e-STUDIO2518A printers. Authentication is not required to exploit this vulnerability.<br/>The specific flaw exists within the authentication mechanism. The issue results from improper session management. An attacker can leverage this vulnerability to bypass authentication on the system.<br/> Toshiba has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://www.toshibatec.com/information/20240531_01.html">https://www.toshibatec.com/information/20240531_01.html</a> <br/></td> | CVSS 8.8 | Toshiba | Exploit | - |  |
CVE-2024-34524In XLANG OpenAgents through fe73ac4, the allowed_file protection mechanism can be bypassed by using an incorrect file extension for the nature of the file content. | CVSS 9.1 | - | - |  | |
CVE-2024-31916IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026. | CVSS 7.5 | Ibm | - | Patched |  |
CVE-2024-31814TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login function. | CVSS 8.8 | Totolink | - | - |  |
CVE-2024-31463Ironic-image is an OpenStack Ironic deployment packaged and configured by Metal3. When the reverse proxy mode is enabled by the `IRONIC_REVERSE_PROXY_SETUP` variable set to `true`, 1) HTTP basic credentials are validated on the HTTPD side in a separate container, not in the Ironic service itself and 2) Ironic listens in host network on a private port 6388 on localhost by default. As a result, when the reverse proxy mode is used, any Pod or local Unix user on the control plane Node can access the Ironic API on the private port without authentication. A similar problem affects Ironic Inspector (`INSPECTOR_REVERSE_PROXY_SETUP` set to `true`), although the attack potential is smaller there. This issue affects operators deploying ironic-image in the reverse proxy mode, which is the recommended mode when TLS is used (also recommended), with the `IRONIC_PRIVATE_PORT` variable unset or set to a numeric value. In this case, an attacker with enough privileges to launch a pod on the control plane with host networking can access Ironic API and use it to modify bare-metal machine, e.g. provision them with a new image or change their BIOS settings. This vulnerability is fixed in 24.1.1. | CVSS 4.7 | Metal3 | - | Patched |  |
CVE-2024-29853An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privilege escalation. | CVSS Low | Microsoft, et al | - | - |  |
CVE-2024-29849Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface. | CVSS Low | Veeam | Exploit | - |  |
CVE-2024-2973An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device.
Only routers or conductors that are running in high-availability redundant configurations are affected by this vulnerability.
No other Juniper Networks products or platforms are affected by this issue.
This issue affects:
Session Smart Router:
* All versions before 5.6.15,
* from 6.0 before 6.1.9-lts,
* from 6.2 before 6.2.5-sts.
Session Smart Conductor:
* All versions before 5.6.15,
* from 6.0 before 6.1.9-lts,
* from 6.2 before 6.2.5-sts.
WAN Assurance Router:
* 6.0 versions before 6.1.9-lts,
* 6.2 versions before 6.2.5-sts. | CVSS 10 | - | - |  | |
CVE-2024-28200The N-central server is vulnerable to an authentication bypass of the user interface. This vulnerability is present in all deployments of N-central prior to 2024.2.
This vulnerability was discovered through internal N-central source code review and N-able has not observed any exploitation in the wild. | CVSS 9.8 | N-able | Exploit | Patched |  |
CVE-2024-27198In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | CVSS 9.8 | Jetbrains | Exploit | Patched |  |
CVE-2024-26566An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component. | CVSS 8.2 | Iscute | - | - |  |
CVE-2024-23917In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | CVSS 9.8 | Jetbrains | - | Patched |  |
CVE-2024-21491Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of the actual signature.
**Note:**
The attacker would need to know a victim uses the Rust library for verification,no easy way to automatically check that; and uses webhooks by a service that uses Svix, and then figure out a way to craft a malicious payload that will actually include all of the correct identifiers needed to trick the receivers to cause actual issues. | CVSS 6.5 | Svix | - | Patched |  |
CVE-2024-2056Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the "tailon" service is running, running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Security issues associated with exposing this network service are documented at gvalkov's 'tailon' GitHub repo. Using the tailon service, the contents of any file on the Artica Proxy can be viewed. | CVSS 9.8 | - | - |  | |
CVE-2024-2055The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user. | CVSS 9.8 | Artica-proxy | - | - |  |
CVE-2024-2013An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server /
API Gateway component that if exploited allows attackers without
any access to interact with the services and the post-authentication
attack surface. | CVSS 10 | Hitachienergy | - | Patched |  |
CVE-2024-2012vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker could use to allow unintended commands or
code to be executed on the UNEM server allowing sensitive data to
be read or modified or could cause other unintended behavior | CVSS 9.8 | Hitachienergy | - | Patched |  |
CVE-2024-1709ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel
vulnerability, which may allow an attacker direct access to confidential information or
critical systems.
| CVSS 10 | Connectwise | Exploit | Patched |  |
CVE-2024-1646parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host parameter is not '0.0.0.0' to restrict access, which is inadequate when the application is bound to a specific interface, allowing unauthorized access to endpoints such as '/restart_program', '/update_software', '/check_update', '/start_recording', and '/stop_recording'. This vulnerability can lead to denial of service, unauthorized disabling or overriding of recordings, and potentially other impacts if certain features are enabled in the configuration. | CVSS Low | - | - |  | |
CVE-2024-1525An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their verified secondary email address and sign-in using direct authentication with the reset password, bypassing LDAP. | CVSS 5.3 | Gitlab | - | - |  |
CVE-2024-11028The MultiManager WP – Manage All Your WordPress Sites Easily plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the user impersonation feature inappropriately determining the current user via user-supplied input. This makes it possible for unauthenticated attackers to generate an impersonation link that will allow them to log in as any existing user, such as an administrator. NOTE: The user impersonation feature was disabled in version 1.1.0 and re-enabled with a patch in version 1.1.2. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-10924The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, when the "Two-Factor Authentication" setting is enabled (disabled by default). | CVSS 9.8 | Wordpress | Exploit | - |  |
CVE-2024-10438The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain functionalities. | CVSS 7.5 | Sun.net, et al | - | - |  |
CVE-2024-10381This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper implementation of session management at the web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http request on the vulnerable device.
Successful exploitation of this vulnerability could allow remote attacker to gain unauthorized access and take complete control of the targeted device. | CVSS 9.8 | - | - |  | |
CVE-2024-10311The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.1. This is due to a missing capability check in the 'edba_admin_handle' function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin settings and log in as any existing user on the site, such as an administrator. | CVSS 8.8 | Wordpress | - | - |  |
CVE-2024-10284The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.2.0. This is due to hardcoded encryption key in the 'ce21_authentication_phrase' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-10245The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. | CVSS 9.8 | Wordpress | - | - |  |
CVE-2024-10081CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
Authentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. All endpoints, apart from the /Authentication is affected by the vulnerability.
This issue affects CodeChecker: through 6.24.1. | CVSS 10 | Ericsson | - | Patched |  |
CVE-2024-10002The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0.0.2905. This is due to insufficient validation and capability check on the 'rover_idx_refresh_social_callback' function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in to administrator. The vulnerability is partially patched in version 3.0.0.2905 and fully patched in version 3.0.0.2906. | CVSS 8.8 | Wordpress | - | Patched |  |
CVE-2023-6718An authentication bypass vulnerability has been found in Repox, which allows a remote user to send a specially crafted POST request, due to the lack of any authentication method, resulting in the alteration or creation of users. | CVSS 9.4 | Europeana | - | - |  |
CVE-2023-4957 A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled. | CVSS 4.3 | - | - |  | |
CVE-2023-49231An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an administrative API token. | CVSS 9.8 | - | - |  | |
CVE-2023-4702Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas allows Authentication Bypass.This issue affects Digital Yepas: before 1.0.1.
| CVSS 9.8 | Yepas | - | - |  |
CVE-2023-46749Apache Shiro before 1.130 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting
Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure `blockSemicolon` is enabled (this is the default).
| CVSS 6.6 | Apache | - | Patched |  |
CVE-2023-46747
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
| CVSS 9.8 | F5 | Exploit | Patched |  |
CVE-2023-46319WALLIX Bastion 9.x before 9.0.9 and 10.x before 10.0.5 allows unauthenticated access to sensitive information by bypassing access control on a network access administration web interface. | CVSS 7.5 | Wallix | - | Patched |  |
CVE-2023-45539HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server. | CVSS 8.2 | Haproxy | - | Patched |  |
CVE-2023-42793In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | CVSS 9.8 | Jetbrains | Exploit | Patched |  |
CVE-2023-42771Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files and/or firmware. They are affected when running in ST(Standalone) mode. | CVSS 8.8 | Furunosystems | - | Patched |  |
CVE-2023-42770
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.
| CVSS 9.8 | Redlioncontrols | - | Patched |  |
CVE-2023-41256
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attacker to obtain user access.
| CVSS HIGH | - | - |  | |
CVE-2023-37057An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication mechanism. | CVSS 9.8 | - | - |  | |
CVE-2023-36091** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | CVSS 9.8 | Dlink | - | Patched |  |