Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19539

19539 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-1615 Cisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-410 8.6 High2021-09-23
CVE-2021-1611 Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers EoGRE Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-399 8.6 High2021-09-23
CVE-2021-1565 Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service Vulnerabilities — Cisco IOS XE SoftwareCWE-415 8.6 High2021-09-23
CVE-2021-34770 Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution Vulnerability — Cisco IOS XE SoftwareCWE-122 10.0 Critical2021-09-23
CVE-2021-34769 Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service Vulnerabilities — Cisco IOS XE SoftwareCWE-415 8.6 High2021-09-23
CVE-2021-34768 Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service Vulnerabilities — Cisco IOS XE SoftwareCWE-415 8.6 High2021-09-23
CVE-2021-34767 Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-670 7.4 High2021-09-23
CVE-2021-34740 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability — Cisco Aironet Access Point SoftwareCWE-401 7.4 High2021-09-23
CVE-2021-34727 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability — Cisco IOS XE SD-WAN SoftwareCWE-120 9.8 Critical2021-09-23
CVE-2021-34705 Cisco IOS and IOS XE Software FXO Interface Destination Pattern Bypass Vulnerability — Cisco IOSCWE-232 5.3 Medium2021-09-23
CVE-2021-34714 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability — Cisco IOSCWE-20 7.4 High2021-09-23
CVE-2021-34703 Cisco IOS and IOS XE Software Link Layer Discovery Protocol Denial of Service Vulnerability — Cisco IOSCWE-456 6.8 Medium2021-09-23
CVE-2021-34697 Cisco IOS XE Software Protection Against Distributed Denial of Service Attacks Feature Vulnerability — Cisco IOS XE SoftwareCWE-665 5.8 Medium2021-09-23
CVE-2021-34696 Cisco ASR 900 and ASR 920 Series Aggregation Services Routers Access Control List Bypass Vulnerability — Cisco IOS XE SoftwareCWE-284 5.8 Medium2021-09-23
CVE-2021-1625 Cisco IOS XE Software Zone-Based Policy Firewall ICMP and UDP Inspection Vulnerability — Cisco IOS XE SoftwareCWE-284 5.8 Medium2021-09-23
CVE-2021-1624 Cisco IOS XE Software Rate Limiting Network Address Translation Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-399 8.6 High2021-09-23
CVE-2021-1622 Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Service Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-833 8.6 High2021-09-23
CVE-2019-6288 Edgecore ECS2020 命令注入漏洞 — n/a 9.8 -2021-09-22
CVE-2021-40684 Talend ESB 授权问题漏洞 — n/a 9.8 -2021-09-22
CVE-2021-28960 ZOHO ManageEngine Desktop Central 命令注入漏洞 — n/a 9.8 -2021-09-21
CVE-2020-16630 Texas Instruments Ble Stack 安全漏洞 — n/a 6.8 -2021-09-20
CVE-2021-39402 Maian Script World Maian Affiliate 代码注入漏洞 — n/a 7.2 -2021-09-20
CVE-2021-24741 Support Board < 3.3.4 - Multiple Unauthenticated SQL Injections — Support BoardCWE-89 9.8 -2021-09-20
CVE-2021-24657 Limit Login Attempts < 4.0.50 - Unauthenticated Stored Cross-Site Scripting — Limit Login AttemptsCWE-79 6.1 -2021-09-20
CVE-2021-24638 OMGF < 4.5.4 - Unauthenticated Path Traversal in REST API — OMGF | Host Google Fonts LocallyCWE-22 9.1 -2021-09-20
CVE-2021-24618 Donate With QRCode < 1.4.5 - Stored Cross-Site Scripting — Donate With QRCodeCWE-79 5.4 -2021-09-20
CVE-2019-9060 CMS Made Simple 路径遍历漏洞 — n/a 7.5 -2021-09-17
CVE-2021-41314 NETGEAR 注入漏洞 — n/a 8.8 -2021-09-16
CVE-2021-33705 SAP Enterprise Portal 代码问题漏洞 — SAP NetWeaver Enterprise PortalCWE-918 9.3 -2021-09-15
CVE-2021-33697 SAP ERP 安全漏洞 — SAP BusinessObjects Business Intelligence Platform (SAPUI5)CWE-1022 6.1 -2021-09-15

Vulnerabilities classified as access:pre-auth represent 19539 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.