Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19275

19275 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2023-37373 Siemens RUGGEDCOM CROSSBOW 访问控制错误漏洞 — RUGGEDCOM CROSSBOWCWE-306 5.3 Medium2023-08-08
CVE-2023-37372 Siemens RUGGEDCOM CROSSBOW SQL注入漏洞 — RUGGEDCOM CROSSBOWCWE-89 9.8 Critical2023-08-08
CVE-2023-3526 PHOENIX CONTACT: Cross-site Scripting vulnerability in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices — CLOUD CLIENT 1101T-TX/TXCWE-79 9.6 Critical2023-08-08
CVE-2023-3572 PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels — WP 6070-WVPSCWE-78 10.0 Critical2023-08-08
CVE-2023-37483 Improper Access Control Vulnerabilities in SAP PowerDesigner — SAP PowerDesignerCWE-306 9.8 Critical2023-08-08
CVE-2023-36926 Information disclosure vulnerability in SAP Host Agent — SAP Host AgentCWE-306 3.7 Low2023-08-08
CVE-2021-24916 Qubely < 1.8.6 - Unauthenticated Arbitrary E-mail Sending — Qubely 5.3 -2023-08-07
CVE-2023-33367 Control ID IDSecure SQL注入漏洞 — n/a 9.8 -2023-08-05
CVE-2020-26082 Cisco Email Security Appliance 输入验证错误漏洞 — Cisco Secure EmailCWE-20 5.8 Medium2023-08-04
CVE-2023-4139 WP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory Listing — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-200 7.5 High2023-08-04
CVE-2023-30146 ASSMANN Electronic Digitus Plug&View IP Camera 安全漏洞 — n/a 9.1 -2023-08-04
CVE-2023-3373 Mitsubishi Electric GOT2000 安全特征问题漏洞 — GOT2000 Series GT21 modelCWE-342 5.9 Medium2023-08-03
CVE-2023-0525 Mitsubishi Electric GOT2000 加密问题漏洞 — GOT2000 Series GT27 modelCWE-261 7.5 High2023-08-03
CVE-2023-20214 Cisco SD-WAN vManage 授权问题漏洞 — Cisco SD-WAN vManageCWE-287 9.1 Critical2023-08-03
CVE-2023-20181 Cisco Small Business SPA500 Series IP Phones 跨站脚本漏洞 — Cisco Small Business IP PhonesCWE-80 6.1 Medium2023-08-03
CVE-2023-20215 Cisco Secure Web Appliance 安全漏洞 — Cisco Secure Web ApplianceCWE-202 5.8 Medium2023-08-03
CVE-2023-30950 CVE-2023-30950 — com.palantir.campaigns:campaignsCWE-290 6.5 Medium2023-08-03
CVE-2023-0956 TEL-STER TelWin SCADA WebInterface Path Traversal — TelWin SCADA WebInterface 7.5 High2023-08-03
CVE-2023-3663 CODESYS: Missing integrity check in CODESYS Development System — CODESYS Development SystemCWE-940 8.8 High2023-08-03
CVE-2023-38744 Omron CJ Series 安全漏洞 — CJ2M CPU Unit 7.5 -2023-08-03
CVE-2023-3346 Denial of Service (DoS) and Remote Code Execution Vulnerability in MITSUBISHI CNC Series — MITSUBISHI CNC M800V Series M800VWCWE-120 9.8 Critical2023-08-03
CVE-2023-33363 Suprema BioStar 2 授权问题漏洞 — n/a 9.8 -2023-08-03
CVE-2023-33365 Suprema BioStar 2 路径遍历漏洞 — n/a 7.5 -2023-08-03
CVE-2023-34196 EJBCA 授权问题漏洞 — n/a 8.2 -2023-08-03
CVE-2023-38949 ZKTeco BioTime 安全漏洞 — n/a 9.8 -2023-08-03
CVE-2023-38950 Zkteco BioTime 路径遍历漏洞 — n/a 7.5 -2023-08-03
CVE-2023-38955 ZKTeco BioAccess IVS 安全漏洞 — n/a 5.3 -2023-08-03
CVE-2023-38956 ZKTeco BioAccess IVS 路径遍历漏洞 — n/a 7.5 -2023-08-03
CVE-2023-38958 ZKTeco BioAccess IVS 安全漏洞 — n/a 9.1 -2023-08-03
CVE-2023-4067 Bus Ticket Booking with Seat Reservation <= 5.2.3 - Reflected Cross-Site Scripting — Bus Ticket Booking with Seat ReservationCWE-79 6.1 Medium2023-08-02

Vulnerabilities classified as access:pre-auth represent 19275 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.