Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19627

19627 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-41442 D-Link Dir-X1860 环境问题漏洞 — n/a 7.5 -2022-02-09
CVE-2021-41441 D-Link Dir-X1860 安全漏洞 — n/a 7.4 -2022-02-09
CVE-2021-37205 Siemens SIMATIC S7-1500 系列产品输入验证错误漏洞 — SIMATIC Drive Controller familyCWE-401 7.5 High2022-02-09
CVE-2021-37204 Siemens SIMATIC S7-1500系列产品输入验证错误漏洞 — SIMATIC Drive Controller familyCWE-672 7.5 High2022-02-09
CVE-2021-37185 Siemens SIMATIC S7-1500 系列产品输入验证错误漏洞 — SIMATIC Drive Controller familyCWE-672 7.5 High2022-02-09
CVE-2022-22146 TransmitMail 跨站脚本漏洞 — TransmitMail 6.1 -2022-02-08
CVE-2022-22142 Econosys System Php_Mailform 跨站脚本漏洞 — php_mailform 6.1 -2022-02-08
CVE-2022-21805 Econosys System Php_Mailform 跨站脚本漏洞 — php_mailform 6.1 -2022-02-08
CVE-2022-21241 Csv+ 跨站脚本漏洞 — CSV+ 8.2 -2022-02-08
CVE-2022-21193 TransmitMail 路径遍历漏洞 — TransmitMail 7.5 -2022-02-08
CVE-2022-23613 Privilege escalation on xrdp — xrdpCWE-191 7.8 High2022-02-07
CVE-2021-25114 Paid Memberships Pro < 2.6.7 - Unauthenticated Blind SQL Injection — Paid Memberships ProCWE-89 9.8 -2022-02-07
CVE-2021-24839 SupportCandy < 2.2.5 - Unauthenticated Arbitrary Ticket Deletion — SupportCandy – Helpdesk & Support Ticket SystemCWE-862 7.5 -2022-02-07
CVE-2022-22832 Servisnet Tessa 安全漏洞 — n/a 9.8 -2022-02-06
CVE-2021-38960 IBM OPENBMC OP910 信息泄露漏洞 — OPENBMC 7.5 -2022-02-04
CVE-2022-22727 Schneider Electric EcoStruxure Power Monitoring Expert 输入验证错误漏洞 — EcoStruxure Power Monitoring Expert (Versions 2020 and prior)CWE-20 8.8 -2022-02-04
CVE-2022-0218 WP HTML Mail <= 3.0.9 Missing Authorization on REST-API Route — WP HTML MailCWE-862 8.3 High2022-02-04
CVE-2021-44779 WordPress [GWA] AutoResponder plugin <= 2.3 - Unauthenticated SQL Injection (SQLi) vulnerability — [GWA] AutoResponder (WordPress plugin)CWE-89 7.3 High2022-02-04
CVE-2021-29398 Northstar Club Management 路径遍历漏洞 — n/a 5.3 -2022-02-04
CVE-2021-29396 Northstar Club Management 授权问题漏洞 — n/a 9.8 -2022-02-04
CVE-2021-29395 Northstar Club Management 路径遍历漏洞 — n/a 7.5 -2022-02-04
CVE-2021-29393 Northstar Club Management 操作系统命令注入漏洞 — n/a 9.8 -2022-02-04
CVE-2022-24259 Voipmonitor 授权问题漏洞 — n/a 9.8 -2022-02-04
CVE-2021-42642 PrinterLogic Web Stack 安全漏洞 — n/a 7.5 -2022-02-02
CVE-2021-42641 PrinterLogic Web Stack 安全漏洞 — n/a 7.5 -2022-02-02
CVE-2021-42640 PrinterLogic Web Stack 安全漏洞 — n/a 9.1 -2022-02-02
CVE-2022-22510 CODESYS: Null Pointer Dereference in CODESYS PROFINET stack — n/a 7.5 High2022-02-02
CVE-2021-36177 Fortinet FortiAuthenticator 安全漏洞 — n/a 4.2 Medium2022-02-02
CVE-2021-42638 PrinterLogic Web Stack 命令注入漏洞 — n/a 8.1 -2022-02-01
CVE-2022-0320 Essential Addons for Elementor < 5.0.5 - Unauthenticated LFI — Essential Addons for ElementorCWE-22 9.8 -2022-02-01

Vulnerabilities classified as access:pre-auth represent 19627 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.