Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19499

19499 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-42851 Lenovo Personal Cloud Storage 安全漏洞 — Personal Cloud Storage A1CWE-862 6.3 Medium2022-05-18
CVE-2021-42848 Lenovo Personal Cloud Storage 安全漏洞 — Personal Cloud Storage A1CWE-862 4.3 Medium2022-05-18
CVE-2021-3956 Lenovo XClarity Controller 安全漏洞 — XClarity Controller (XCC)CWE-863 4.3 Medium2022-05-18
CVE-2022-28955 D-Link DIR816 授权问题漏洞 — n/a 7.5 -2022-05-18
CVE-2022-1361 Cambium Networks cnMaestro SQL Injection — cnMaestroCWE-89 7.4 High2022-05-17
CVE-2022-1357 Cambium Networks cnMaestro OS Command Injection — cnMaestroCWE-78 9.8 Critical2022-05-17
CVE-2022-24856 Server-Side Request Forgery in FlyteConsole — flyteconsoleCWE-918 9.1 Critical2022-05-17
CVE-2021-27446 Weintek EasyWeb cMT Code Injection — cMT-SVR-1xx/2xxCWE-94 10.0 Critical2022-05-16
CVE-2021-27444 Weintek EasyWeb cMT Improper Access Control — cMT-SVR-1xx/2xxCWE-284 9.8 Critical2022-05-16
CVE-2021-27442 Weintek EasyWeb cMT Cross-site Scripting — cMT-SVR-1xx/2xxCWE-79 9.4 Critical2022-05-16
CVE-2022-1560 Amministrazione Aperta < 3.8 - Admin+ LFI — Amministrazione ApertaCWE-22 8.1 -2022-05-16
CVE-2022-0867 ARPrice Lite < 3.6.1 - Unauthenticated SQLi — Pricing Table PluginCWE-89 9.8 -2022-05-16
CVE-2021-33009 mySCADA myPRO Unrestricted Upload of File with Dangerous Type — myPROCWE-434 7.5 High2022-05-13
CVE-2021-33005 mySCADA myPRO Path Traversal — myPROCWE-22 7.5 High2022-05-13
CVE-2021-22275 Denial of service vulnerability on Automation Runtime webserver — Automation Runtime webserverCWE-120 8.6 High2022-05-13
CVE-2022-29854 Mitel 6900 Series IP Phone MiNet 安全漏洞 — n/a 6.8 -2022-05-13
CVE-2020-22983 MicroStrategy Web SDK 代码问题漏洞 — n/a 8.1 -2022-05-13
CVE-2020-22985 MicroStrategy Web SDK 跨站脚本漏洞 — n/a 6.1 -2022-05-12
CVE-2020-22986 MicroStrategy Web SDK 跨站脚本漏洞 — n/a 6.1 -2022-05-12
CVE-2020-22987 MicroStrategy Web SDK 跨站脚本漏洞 — n/a 6.1 -2022-05-12
CVE-2020-22984 MicroStrategy Web SDK 跨站脚本漏洞 — n/a 6.1 -2022-05-12
CVE-2022-23166 Sysaid – Sysaid Local File Inclusion (LFI) — Sysaid 6.1 Medium2022-05-12
CVE-2022-0004 Intel Processors 安全特征问题漏洞 — Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT 6.8 -2022-05-12
CVE-2021-33082 多款Intel产品安全漏洞 — Intel(R) SSD and Intel(R) Optane(TM) SSD Products 4.6 -2022-05-12
CVE-2021-33074 多款Intel产品安全漏洞 — Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products 4.6 -2022-05-12
CVE-2021-33080 多款Intel产品安全漏洞 — Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products 6.8 -2022-05-12
CVE-2021-33077 多款Intel产品安全漏洞 — Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products 6.8 -2022-05-12
CVE-2021-33130 Intel RealSense ID Solution F450 安全漏洞 — Intel(R) RealSense(TM) ID Solution F450 4.6 -2022-05-12
CVE-2022-29538 RESI Gemini-Net 安全漏洞 — n/a 5.3 -2022-05-12
CVE-2022-29539 RESI Gemini-Net 操作系统命令注入漏洞 — n/a 9.8 -2022-05-12

Vulnerabilities classified as access:pre-auth represent 19499 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.