Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19401

19401 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2023-0452 Econolite EOS traffic control software 加密问题漏洞 — EOSCWE-328 9.8 Critical2023-01-26
CVE-2022-46967 Revenue Collection System 安全漏洞 — n/a 7.5 -2023-01-26
CVE-2023-22971 Hughes Network Systems HX200 跨站脚本漏洞 — n/a 6.1 -2023-01-26
CVE-2023-22500 glpi Unauthorized access to inventory files — glpiCWE-863 7.5 High2023-01-25
CVE-2022-31704 VMware vRealize Log Insight 安全漏洞 — vRealize Log Insight (vRLI) 9.8 -2023-01-25
CVE-2022-31706 VMware vRealize Log Insight 路径遍历漏洞 — vRealize Log Insight (vRLI) 9.8 -2023-01-25
CVE-2022-31710 VMware vRealize Log Insight 代码问题漏洞 — vRealize Log Insight (vRLI) 7.5 -2023-01-25
CVE-2022-31711 VMware vRealize Log Insight 信息泄露漏洞 — vRealize Log Insight (vRLI) 7.5 -2023-01-25
CVE-2022-47052 NETGEAR Nighthawk AC1200 注入漏洞 — n/a 6.1 -2023-01-25
CVE-2020-18329 Carel pCOWeb 安全漏洞 — n/a 7.5 -2023-01-25
CVE-2022-27508 Unauthenticated denial of service — Citrix Application Delivery Controller (Citrix ADC) and Citrix GatewayCWE-400 7.5 -2023-01-24
CVE-2022-0316 Multiple themes - Unauthenticated Arbitrary File Upload — WeStand 9.8 -2023-01-23
CVE-2022-4305 Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin — Login as User or Customer 9.8 -2023-01-23
CVE-2022-4383 CBX Petition for WordPress <= 1.0.3 - Unauthenticated SQLi — CBX Petition for WordPress 9.8 -2023-01-23
CVE-2021-24881 Passster < 3.5.5.9 - Protection Bypass & Arbitrary Post Access — Passster 7.5 -2023-01-23
CVE-2022-4307 Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS — پلاگین پرداخت دلخواه 6.1 -2023-01-23
CVE-2021-43447 Ascensio System ONLYOFFICE 访问控制错误漏洞 — n/a 7.5 -2023-01-23
CVE-2022-37718 EdgeNexus ADC 操作系统命令注入漏洞 — n/a 8.8 -2023-01-23
CVE-2023-23607 Unrestricted file upload leads to Remote Code Execution in erohtar/Dasherr — DasherrCWE-434 9.8 Critical2023-01-20
CVE-2022-40267 Authentication Bypass Vulnerability in Web Server Function on MELSEC Series — MELSEC iQ-F Series FX5U-32MT/ESCWE-337 5.9 Medium2023-01-20
CVE-2023-23691 Dell MEC PV ME5 环境问题漏洞 — Dell PowerVault ME5CWE-444 8.1 High2023-01-20
CVE-2023-22331 Contec CONPROSYS HMI System 安全漏洞 — CONPROSYS HMI System (CHS) 7.5 -2023-01-20
CVE-2023-22339 Contec CONPROSYS HMI System 安全漏洞 — CONPROSYS HMI System (CHS) 7.5 -2023-01-20
CVE-2023-23488 WordPress Plugin The Paid Memberships Pro SQL注入漏洞 — Paid Memberships Pro WordPress Plugin 9.8 -2023-01-20
CVE-2023-23489 WordPress Plugin The Easy Digital Downloads SQL注入漏洞 — Easy Digital Downloads WordPress Plugin 9.8 -2023-01-20
CVE-2022-47732 Yeastar N412和Yeastar N824 安全漏洞 — n/a 7.5 -2023-01-20
CVE-2023-0403 Social Warfare <= 4.3.1 - Cross-Site Request Forgery — Social Sharing Plugin – Social WarfareCWE-352 5.4 Medium2023-01-19
CVE-2022-3738 WAGO: Missing authentication for config export functionality in multiple products — Series WAGO PFC100CWE-306 5.9 Medium2023-01-19
CVE-2023-20058 Cisco Unified Intelligence Center 跨站脚本漏洞 — Cisco Unified Contact Center EnterpriseCWE-79 6.1 -2023-01-19
CVE-2023-20019 Cisco BroadWorks Application 跨站脚本漏洞 — Cisco BroadWorksCWE-79 6.1 Medium2023-01-19

Vulnerabilities classified as access:pre-auth represent 19401 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.