Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

CWE-290 (使用欺骗进行的认证绕过) — Vulnerability Class 273

273 vulnerabilities classified as CWE-290 (使用欺骗进行的认证绕过). AI Chinese analysis included.

CWE-290 represents a critical authentication weakness where systems fail to properly validate the origin of identity claims, allowing attackers to bypass security controls through spoofing. This vulnerability typically arises when authentication mechanisms rely on easily forged data, such as IP addresses or HTTP headers, without implementing robust verification. Attackers exploit this by injecting malicious or manipulated credentials that mimic legitimate users, thereby gaining unauthorized access to sensitive resources or administrative functions. To mitigate this risk, developers must implement multi-factor authentication and ensure that identity verification relies on cryptographically secure tokens rather than easily spoofable network identifiers. Additionally, rigorous input validation and strict adherence to secure authentication protocols, such as OAuth or OpenID Connect, help prevent attackers from impersonating valid entities, ensuring that only genuinely authenticated users can access protected systems.

MITRE CWE Description
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Common Consequences (1)
Access ControlBypass Protection Mechanism, Gain Privileges or Assume Identity
This weakness can allow an attacker to access resources which are not otherwise accessible without proper authentication.
Examples (2)
The following code authenticates users.
String sourceIP = request.getRemoteAddr(); if (sourceIP != null && sourceIP.equals(APPROVED_IP)) { authenticated = true; }
Bad · Java
Both of these examples check if a request is from a trusted address before responding to the request.
sd = socket(AF_INET, SOCK_DGRAM, 0); serv.sin_family = AF_INET; serv.sin_addr.s_addr = htonl(INADDR_ANY); servr.sin_port = htons(1008); bind(sd, (struct sockaddr *) & serv, sizeof(serv)); while (1) { memset(msg, 0x0, MAX_MSG); clilen = sizeof(cli); if (inet_ntoa(cli.sin_addr)==getTrustedAddress()) { n = recvfrom(sd, msg, MAX_MSG, 0, (struct sockaddr *) & cli, &clilen); } }
Bad · C
while(true) { DatagramPacket rp=new DatagramPacket(rData,rData.length); outSock.receive(rp); String in = new String(p.getData(),0, rp.getLength()); InetAddress clientIPAddress = rp.getAddress(); int port = rp.getPort(); if (isTrustedAddress(clientIPAddress) & secretKey.equals(in)) { out = secret.getBytes(); DatagramPacket sp =new DatagramPacket(out,out.length, IPAddress, port); outSock.send(sp); } }
Bad · Java
CVE IDTitleCVSSSeverityPublished
CVE-2026-53857 OpenClaw < 2026.5.3 - Mutable Display Name Binding in Zalo allowFrom Policy — OpenClaw 8.1 High2026-06-16
CVE-2026-53849 OpenClaw < 2026.5.7 - Privilege Escalation via Mutable Discord Display Names in allowFrom — OpenClaw 8.1 High2026-06-16
CVE-2026-42662 WordPress Event Tickets plugin <= 5.27.5 - Bypass Vulnerability vulnerability — Event Tickets 6.5 Medium2026-06-15
CVE-2026-27089 WordPress WpTravelly plugin <= 2.1.7 - Bypass Vulnerability vulnerability — WpTravelly 7.5 High2026-06-15
CVE-2026-49757 OAuth2/OIDC account takeover in AshAuthentication via email-based user matching — ash_authentication--2026-06-15
CVE-2026-34025 IP restriction bypass in Wertheim SafeController Software allows logins from unauthorized network locations — Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)--2026-06-15
CVE-2026-53833 QQBot for OpenClaw < 2026.4.29 - Authorization Bypass via QQBot Streaming Command — OpenClaw 7.7 High2026-06-12
CVE-2026-53832 OpenClaw < 2026.5.18 - Identity Header Forgery via Trusted-Proxy Configuration — OpenClaw 7.7 High2026-06-12
CVE-2026-53823 OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack Display Names in allowFrom — OpenClaw 8.1 High2026-06-12
CVE-2026-5792 Authentication Bypass in Hedef Media's Related Marketing Cloud (RMC) — Related Marketing Cloud (RMC) 6.5 Medium2026-06-12
CVE-2026-53817 OpenClaw < 2026.5.22 - Control UI Locality Spoofing in Device Pairing — OpenClaw 8.8 High2026-06-11
CVE-2026-53811 OpenClaw < 2026.5.7 - Privilege Escalation via Mutable Display Names in Matrix allowFrom — OpenClaw 8.8 High2026-06-11
CVE-2026-6090 Lenovo Smart Connect 安全漏洞 — Smart Connect 7.0 High2026-06-10
CVE-2026-48567 Azure HorizonDB Elevation of Privilege Vulnerability — Azure HorizonDB 10.0 Critical2026-06-04
CVE-2026-8644 IBM WebSphere Application Server is affected by an identity spoofing vulnerability — WebSphere Application Server 9.1 Critical2026-06-01
CVE-2026-42674 WordPress Advanced Access Manager plugin <= 7.1.0 - Bypass Vulnerability vulnerability — Advanced Access Manager 7.5 High2026-06-01
CVE-2026-47123 FreeScout: Agent Impersonation via Missing HMAC Verification on Notification Reply Message-ID Path — freescout 7.5 High2026-05-29
CVE-2026-44649 SillyTavern: Authentication Bypass via SSO Header Injection — SillyTavern 9.8 Critical2026-05-29
CVE-2026-46414 Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking — UFO 8.8 High2026-05-27
CVE-2026-8676 Silicon Simplicity SDK 安全漏洞 — Simplicity SDK 8.8 High2026-05-26
CVE-2018-25361 Soroush IM Desktop App 0.17.0 Authentication Bypass via Database Injection — Soroush IM Desktop App 6.8 Medium2026-05-25
CVE-2026-7507 Org.keycloak/keycloak-services: session fixation in oidc login flow that can lead to account takeover — Red Hat build of Keycloak 26.2 7.5 High2026-05-19
CVE-2026-46356 Fleet: IP spoofing allows bypassing API rate limiting — fleet--2026-05-14
CVE-2026-24899 Fleet Windows MDM Azure AD JWT Authentication Bypass — fleet--2026-05-14
CVE-2026-24000 Fleet has a rate limiting bypass via untrusted client IP headers — fleet--2026-05-14
CVE-2026-40460 NGINX ngx_quic_module vulnerability — NGINX Plus 6.5 Medium2026-05-13
CVE-2026-44183 Cleanuparr: X-Forwarded-For leftmost parsing allows remote unauthenticated admin takeover when reverse-proxy mode is enabled — Cleanuparr 9.8 Critical2026-05-12
CVE-2026-45223 Crabbox < 0.9.0 Authentication Bypass via Admin Claim Injection — crabbox 8.8 High2026-05-11
CVE-2021-47923 OpenCart 3.0.3.8 Session Fixation via OCSESSID Cookie — opencart 9.8 Critical2026-05-10
CVE-2026-42354 Sentry: Improper authentication on SAML SSO process allows user identity linking — sentry 9.1 Critical2026-05-08

Vulnerabilities classified as CWE-290 (使用欺骗进行的认证绕过) represent 273 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.