Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19401

19401 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-24278 Redirection for Contact Form 7 < 2.3.4 - Unauthenticated Arbitrary Nonce Generation — Redirection for Contact Form 7CWE-863 7.5 -2021-05-14
CVE-2021-24284 Kaswara Modern VC Addons <= 3.0.1 - Unauthenticated Arbitrary File Upload — Kaswara Modern VC AddonsCWE-434 9.8 -2021-05-14
CVE-2021-24285 Car Seller - Auto Classifieds Script <= 2.1.0 - Unauthenticated SQL Injection — Car Seller - Auto Classifieds ScriptCWE-89 9.8 -2021-05-14
CVE-2021-32918 Prosodical Thoughts Prosody 资源管理错误漏洞 — n/a 7.5 -2021-05-13
CVE-2021-30213 Knowage 跨站脚本漏洞 — n/a 6.1 -2021-05-12
CVE-2020-28393 多款 Siemens 设备安全漏洞 — SCALANCE XM-400, XR-500CWE-682 7.5 -2021-05-12
CVE-2020-13873 Codoforum SQL注入漏洞 — n/a 9.8 -2021-05-12
CVE-2020-36289 Atlassian JIRA Server 和 Atlassian JIRA Data Center 信息泄露漏洞 — Jira Server 5.3 -2021-05-12
CVE-2021-32089 Zebra Technologies FX9500 代码问题漏洞 — n/a 9.8 -2021-05-11
CVE-2021-27573 Emote Remote Mouse 安全漏洞 — n/a 9.8 -2021-05-07
CVE-2021-27572 Emote Remote Mouse 安全漏洞 — n/a 8.1 -2021-05-07
CVE-2021-32098 Artica Pandora FMS 代码问题漏洞 — n/a 9.8 -2021-05-07
CVE-2021-32099 Artica Pandora FMS SQL注入漏洞 — n/a 9.8 -2021-05-07
CVE-2021-32101 OpenEMR 安全漏洞 — n/a 9.1 -2021-05-07
CVE-2021-31793 Night Owl WDB-20-V2 访问控制错误漏洞 — n/a 5.3 -2021-05-06
CVE-2021-32030 ASUS GT-AC2900 授权问题漏洞 — n/a 9.8 -2021-05-06
CVE-2021-1535 Cisco SD-WAN vManage Information Disclosure Vulnerability — Cisco SD-WAN vManageCWE-497 5.3 Medium2021-05-06
CVE-2021-1521 Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Denial of Service Vulnerability — Cisco Video Surveillance 8000 Series IP CamerasCWE-119 6.5 Medium2021-05-06
CVE-2021-1515 Cisco SD-WAN vManage Information Disclosure Vulnerability — Cisco SD-WAN vManageCWE-284 4.3 Medium2021-05-06
CVE-2021-1513 Cisco SD-WAN Software vDaemon Denial of Service Vulnerability — Cisco SD-WAN SolutionCWE-20 7.5 High2021-05-06
CVE-2021-1275 Cisco SD-WAN vManage Software Vulnerabilities — Cisco SD-WAN vManageCWE-20 9.8 Critical2021-05-06
CVE-2021-1284 Cisco SD-WAN vManage Software Authentication Bypass Vulnerability — Cisco SD-WAN vManageCWE-284 8.8 High2021-05-06
CVE-2021-1397 Cisco Integrated Management Controller Open Redirect Vulnerability — Cisco Unified Computing System (Standalone)CWE-601 4.7 Medium2021-05-06
CVE-2021-1508 Cisco SD-WAN vManage Software Vulnerabilities — Cisco SD-WAN vManageCWE-20 9.8 Critical2021-05-06
CVE-2021-1506 Cisco SD-WAN vManage Software Vulnerabilities — Cisco SD-WAN vManageCWE-20 9.8 Critical2021-05-06
CVE-2021-1505 Cisco SD-WAN vManage Software Vulnerabilities — Cisco SD-WAN vManageCWE-20 9.8 Critical2021-05-06
CVE-2021-1499 Cisco HyperFlex HX Data Platform File Upload Vulnerability — Cisco HyperFlex HX Data PlatformCWE-306 5.3 Medium2021-05-06
CVE-2021-1498 Cisco HyperFlex HX Command Injection Vulnerabilities — Cisco HyperFlex HX Data PlatformCWE-78 9.8 Critical2021-05-06
CVE-2021-1497 Cisco HyperFlex HX Command Injection Vulnerabilities — Cisco HyperFlex HX Data PlatformCWE-78 9.8 Critical2021-05-06
CVE-2021-1490 Cisco Web Security Appliance Cross-Site Scripting Vulnerability — Cisco Web Security Appliance (WSA)CWE-79 4.7 Medium2021-05-06

Vulnerabilities classified as access:pre-auth represent 19401 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.