Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-287 (认证机制不恰当) — Vulnerability Class 1185

1185 vulnerabilities classified as CWE-287 (认证机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-6979 Captive Portal can allow authentication bypass — Arista Edge Threat Management - Arista Next Generation Firewall 8.8 High2025-10-23
CVE-2025-62169 OctoPrint-SpoolManager Plugin APIs do not enforce authentication — OctoPrint-SpoolManager 8.1 High2025-10-23
CVE-2025-62398 Moodle: possible to bypass mfa 8.1AIHighAI2025-10-23
CVE-2025-41110 Improper Authentication vulnerability in Ghost Robotics' Vision 60 — Vision 60 8.8AIHighAI2025-10-22
CVE-2025-41108 Improper Authentication vulnerability in Ghost Robotics' Vision 60 — Vision 60 9.8AICriticalAI2025-10-22
CVE-2025-11625 Host verification bypass and credential leak — wolfSSH 9.8AICriticalAI2025-10-21
CVE-2025-61922 PrestaShop Checkout allows customer account takeover via email — ps_checkout 9.1 Critical2025-10-16
CVE-2025-10293 Keyy Two Factor Authentication (like Clef) <= 1.2.3 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover — Keyy Two Factor Authentication (like Clef) 8.8 High2025-10-15
CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access — dojo 9.8AICriticalAI2025-10-14
CVE-2025-59280 Windows SMB Client Tampering Vulnerability — Windows 10 Version 1507 3.1 Low2025-10-14
CVE-2025-55340 Windows Remote Desktop Protocol Security Feature Bypass — Windows 10 Version 21H2 7.0 High2025-10-14
CVE-2025-53845 Fortinet FortiAnalyzer 授权问题漏洞 — FortiAnalyzer 6.2 Medium2025-10-14
CVE-2025-9064 Rockwell Automation FactoryTalk View Machine Edition Path Traversal — FactoryTalk View Machine Edition 8.1AIHighAI2025-10-14
CVE-2025-9063 Rockwell Automation PanelView Plus 7 Performance Series B Authentication Bypass — PanelView Plus 7 Performance Series B 9.1AICriticalAI2025-10-14
CVE-2025-11192 Fabric Engine (VOSS) AutoSense Authentication Bypass — Fabric Engine (VOSS) 7.5AIHighAI2025-10-07
CVE-2025-11287 samanhappy MCPHub sseService.ts handleSseConnectionfunction improper authentication — MCPHub 7.3 High2025-10-05
CVE-2025-54154 QNAP Authenticator — QNAP Authenticator 6.8AIMediumAI2025-10-03
CVE-2025-61665 WeGIA: Broken Access Control in `get_relatorios_socios.php` Endpoint — WeGIA 7.5 -2025-10-02
CVE-2025-41064 Incorrect authentication in GTT´s group OpenSIAC — OpenSIAC 9.8AICriticalAI2025-10-02
CVE-2025-20160 Cisco IOS和Cisco IOS XE Software 授权问题漏洞 — IOS 8.1 High2025-09-24
CVE-2025-9965 UDP Service Weak Authentication — P series (P07, P10, P12, P15) 9.1AICriticalAI2025-09-23
CVE-2025-34186 Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass — EVE X1/X5 Server 9.8AICriticalAI2025-09-16
CVE-2025-10365 Authentication Bypass in Evertz SDVN — 3080ipx-10G 9.8 -2025-09-12
CVE-2025-10288 roncoo roncoo-pay list improper authentication — roncoo-pay 5.3 Medium2025-09-12
CVE-2025-58065 Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods — Flask-AppBuilder 6.5 Medium2025-09-11
CVE-2025-58060 cups has Authentication bypass with AuthType Negotiate — cups 8.0 High2025-09-11
CVE-2025-10224 Incorrect Evaluation of LDAP Nested Groups during Login in AxxonSoft Axxon One (C-Werk) — AxxonOne C-Werk 5.4 Medium2025-09-10
CVE-2025-55234 Windows SMB Elevation of Privilege Vulnerability — Windows 10 Version 1507 8.8 High2025-09-09
CVE-2025-54918 Windows NTLM Elevation of Privilege Vulnerability — Windows 10 Version 1507 8.8 High2025-09-09
CVE-2025-55241 Azure Entra ID Elevation of Privilege Vulnerability — Microsoft Entra 10.0 Critical2025-09-04

Vulnerabilities classified as CWE-287 (认证机制不恰当) represent 1185 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.