Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-294 (使用捕获-重放进行的认证绕过) — Vulnerability Class 86

86 vulnerabilities classified as CWE-294 (使用捕获-重放进行的认证绕过). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-49595 Dell Wyse Management Suite 安全漏洞 — Wyse Management Suite 7.6 High2024-11-26
CVE-2024-22066 ZTE ZXR10 ZSR 安全漏洞 — ZXR10 1800-2S 7.5 High2024-10-29
CVE-2024-43099 AutomationDirect DirectLogic H2-DM1E Authentication Bypass by Capture-replay — DirectLogic H2-DM1E 8.8 High2024-09-13
CVE-2024-8260 OPA SMB Force-Authentication — OPA 6.1 Medium2024-08-30
CVE-2024-3982 Hitachi Energy MicroSCADA X SYS600 安全漏洞 — MicroSCADA SYS600 8.2 High2024-08-27
CVE-2024-5249 SAML Replay in Akana — Akana API Platform 5.4 Medium2024-07-30
CVE-2024-38438 D-Link - CWE-294: Authentication Bypass by Capture-replay — DSL-225 9.8 Critical2024-07-21
CVE-2024-38272 Auth Bypass in Quick Share — Nearby 7.5AIHighAI2024-06-26
CVE-2024-38284 Authentication Bypass by Capture-replay in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600) — Vigilant Fixed LPR Coms Box (BCAV1F2-C600) 9.1AICriticalAI2024-06-13
CVE-2024-34065 @strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass — strapi 7.1 High2024-06-12
CVE-2024-29901 @workos-inc/authkit-nextjs session replay vulnerability — authkit-nextjs 4.8 Medium2024-03-29
CVE-2023-6374 Mitsubishi Electric MELSEC WS Series 安全漏洞 — MELSEC WS Series WS0-GETH00200 5.9 Medium2024-01-30
CVE-2023-39547 NEC Corporation CLUSTERPRO 安全漏洞 — CLUSTERPRO X (EXPRESSCLUSTER X) 8.8 -2023-11-17
CVE-2023-45794 Siemens Mendix Applications 安全漏洞 — Mendix Applications using Mendix 10 6.8 Medium2023-11-14
CVE-2023-36857 Baker Hughes Bently Nevada 3500 System Authentication Bypass by Capture-replay — Bently Nevada 3500 System 5.4 Medium2023-10-18
CVE-2023-39373 Hyundai car CWE-294: Authentication Bypass by Capture-replay — model (2017) 7.4 High2023-09-03
CVE-2022-48507 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.5 -2023-07-06
CVE-2023-2846 Authentication Bypass Vulnerability in MELSEC-F Series main module — MELSEC-F Series FX3U-16MR/ES 7.5 High2023-06-30
CVE-2023-29158 SUBNET PowerSYSTEM Center Authentication Bypass by Capture-replay — PowerSYSTEM Center 6.1 Medium2023-06-19
CVE-2023-20123 Cisco Duo Authentication for macOS and Duo Authentication for Windows Logon Offline Credentials Replay Vulnerability — Cisco Duo 6.3 Medium2023-04-05
CVE-2023-1886 Authentication Bypass by Capture-replay in thorsten/phpmyfaq — thorsten/phpmyfaq 7.3 High2023-04-05
CVE-2023-1537 Authentication Bypass by Capture-replay in answerdev/answer — answerdev/answer 9.8 -2023-03-21
CVE-2022-45789 Schneider Electric EcoStruxure Control Expert 安全漏洞 — EcoStruxure Control Expert 8.1 High2023-01-31
CVE-2023-0014 Capture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform — NetWeaver ABAP Server and ABAP Platform 9.0 Critical2023-01-10
CVE-2022-44457 Siemens Mendix SAML Module 安全漏洞 — Mendix SAML (Mendix 7 compatible) 9.8 -2022-11-08
CVE-2022-29475 Abode Iota 信息泄露漏洞 — iota All-In-One Security Kit 8.1 -2022-10-25
CVE-2022-40621 WAVLINK Quantum D4G (WN531G3) Pass-The-Hash — WN531G3 8.1 -2022-09-13
CVE-2022-37011 Siemens Mendix SAML Module 安全漏洞 — Mendix SAML (Mendix 7 compatible) 9.8 -2022-09-13
CVE-2022-36089 VelaUX APIServer vulnerable to Authentication Bypass by Capture-replay — kubevela 8.2 High2022-09-07
CVE-2022-31158 Authentication Bypass by Capture-replay in packbackbooks/lti-1-3-php-library — lti-1-3-php-library 7.5 High2022-07-15

Vulnerabilities classified as CWE-294 (使用捕获-重放进行的认证绕过) represent 86 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.