Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19504

19504 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-20592 Mitsubishi Electric GOT2000 安全漏洞 — GOT2000 series GT27 model; GT25 model; GT23 model; GT SoftGOT2000 7.5 -2021-08-05
CVE-2021-21739 ZTE ZXCTN 数据伪造问题漏洞 — <ZXCTN 6120H>--2021-08-05
CVE-2021-23849 Cross Site Request Forgery (CSRF) vulnerability in web based management interface — CPP FirmwareCWE-352 7.5 High2021-08-05
CVE-2021-32579 Acronis True Image 授权问题漏洞 — n/a 7.8 -2021-08-05
CVE-2021-38095 Planview Spigit 安全漏洞 — n/a 5.3 -2021-08-05
CVE-2021-22124 Fortinet FortiSandbox 和 Fortinet FortiAuthenticator 资源管理错误漏洞 — Fortinet FortiSandbox, FortiAuthenticator 7.5 High2021-08-04
CVE-2021-24014 Fortinet FortiSandbox 跨站脚本漏洞 — Fortinet FortiSandbox 5.4 Medium2021-08-04
CVE-2021-1602 Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability — Cisco Small Business RV Series Router FirmwareCWE-78 8.2 High2021-08-04
CVE-2021-35397 Drogon 路径遍历漏洞 — n/a 7.5 -2021-08-04
CVE-2021-33323 Liferay Portal 和 Liferay DXP 安全漏洞 — n/a 5.3 -2021-08-03
CVE-2021-37558 Centreon SQL注入漏洞 — n/a 9.8 -2021-08-03
CVE-2021-21579 Dell EMC iDRAC9 输入验证错误漏洞 — Integrated Dell Remote Access Controller (iDRAC)CWE-601 6.1 Medium2021-08-03
CVE-2021-21578 Dell EMC iDRAC9 输入验证错误漏洞 — Integrated Dell Remote Access Controller (iDRAC)CWE-601 6.1 Medium2021-08-03
CVE-2021-24504 WP LMS <= 1.1.2 - Stored Cross-Site Scripting (XSS) — WP LMS – Best WordPress LMS PluginCWE-79 6.1 -2021-08-02
CVE-2021-24474 Awesome Weather Widget <= 3.0.2 - Reflected Cross-site Scripting (XSS) — Awesome Weather WidgetCWE-79 6.1 -2021-08-02
CVE-2021-24472 Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Unauthenticated RFI and SSRF — QT KenthaRadioCWE-918 9.8 -2021-08-02
CVE-2021-34575 Information Exposure in mymbCONNECT24, mbCONNECT24 <= 2.8.0 — mymbCONNECT24CWE-203 7.5 High2021-08-02
CVE-2021-20114 Tecnick.com TCExam 信息泄露漏洞 — TCExam 7.5 -2021-07-29
CVE-2021-21538 DELL Dell EMC iDRAC9 授权问题漏洞 — Integrated Dell Remote Access Controller (iDRAC)CWE-287 9.6 Critical2021-07-29
CVE-2020-5329 DELL Dell EMC Avamar Server 输入验证错误漏洞 — AvamarCWE-601 6.1 -2021-07-29
CVE-2020-5351 Dell EMC Data Protection Advisor 安全漏洞 — Data Protection AdvisorCWE-259 7.5 High2021-07-28
CVE-2020-5341 Dell EMC Avamar Server 代码问题漏洞 — Avamar Virtual EditionCWE-502 9.8 Critical2021-07-28
CVE-2021-37593 Advisto PEEL SHOPPING SQL注入漏洞 — n/a 9.1 -2021-07-27
CVE-2020-16839 多款 Crestron 设备授权问题漏洞 — n/a 7.5 -2021-07-27
CVE-2021-36004 Adobe InDesign CoolType out of bounds write vulnerability could lead to arbitrary stack manipulation — InDesignCWE-787 8.8 High2021-07-27
CVE-2020-7388 Sage X3 AdxAdmin Unauthenticated Command Execution Bypass by Spoofing — X3CWE-290 10.0 Critical2021-07-22
CVE-2021-33032 EQ-3 eQ-3 HomeMatic CCU2 和 CCU3 操作系统命令注入漏洞 — n/a 9.8 -2021-07-22
CVE-2021-35464 ForgeRock AM 代码问题漏洞 — n/a 9.8 -2021-07-22
CVE-2021-33478 Broadcom Media exChange 缓冲区错误漏洞 — n/a 6.8 -2021-07-22
CVE-2021-1600 Cisco Intersight Virtual Appliance IPv4 and IPv6 Forwarding Vulnerabilities — Cisco Intersight Virtual ApplianceCWE-284 8.3 High2021-07-22

Vulnerabilities classified as access:pre-auth represent 19504 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.