access:pre-auth 类型相关 19010 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2023-31595 | IC Realtime ICIP-P2012T 安全漏洞 — n/a | 9.8 | - | 2023-05-24 |
| CVE-2023-33009 | Zyxel ATP 安全漏洞 — ATP series firmwareCWE-120 | 9.8 | Critical | 2023-05-24 |
| CVE-2023-33010 | Zyxel ATP 安全漏洞 — ATP series firmwareCWE-120 | 9.8 | Critical | 2023-05-24 |
| CVE-2023-33796 | NetBox 安全漏洞 — n/a | 7.5 | - | 2023-05-24 |
| CVE-2023-23545 | ESPEC MIC 多款产品访问控制错误漏洞 — T&D Corporation and ESPEC MIC CORP. data logger products | 9.1 | - | 2023-05-23 |
| CVE-2023-27387 | ESPEC MIC多款产品跨站请求伪造漏洞 — T&D Corporation and ESPEC MIC CORP. data logger products | 8.3 | - | 2023-05-23 |
| CVE-2023-27388 | ESPEC MIC多款产品授权问题漏洞 — T&D Corporation and ESPEC MIC CORP. data logger products | 9.8 | - | 2023-05-23 |
| CVE-2023-27922 | WordPress plugin Newsletter 跨站脚本漏洞 — Newsletter | 6.1 | - | 2023-05-23 |
| CVE-2023-28408 | WordPress plugin MW WP Form 路径遍历漏洞 — MW WP Form | 6.5 | - | 2023-05-23 |
| CVE-2023-28409 | WordPress plugin MW WP Form 代码问题漏洞 — MW WP Form | 9.8 | - | 2023-05-23 |
| CVE-2023-28413 | WordPress plugin Snow Monkey Forms 路径遍历漏洞 — Snow Monkey Forms | 9.8 | - | 2023-05-23 |
| CVE-2023-2276 | WordPress Plugin WCFM Membership 安全漏洞 — WCFM Membership – WooCommerce Memberships for Multivendor MarketplaceCWE-639 | 9.8 | Critical | 2023-05-20 |
| CVE-2023-2717 | WordPress Plugin Groundhogg 跨站请求伪造漏洞 — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-352 | 5.4 | Medium | 2023-05-20 |
| CVE-2023-1618 | Mitsubishi Electric Corporation MELSEC WS 安全漏洞 — MELSEC WS Series WS0-GETH00200CWE-489 | 7.5 | High | 2023-05-19 |
| CVE-2023-2704 | WordPress Plugin BP Social Connect 访问控制错误漏洞 — BP Social ConnectCWE-288 | 9.8 | Critical | 2023-05-19 |
| CVE-2023-20160 | Cisco Small Business 安全漏洞 — Cisco Small Business Smart and Managed SwitchesCWE-120 | 8.6 | High | 2023-05-18 |
| CVE-2023-20161 | Cisco Small Business 安全漏洞 — Cisco Small Business Smart and Managed SwitchesCWE-120 | 8.6 | High | 2023-05-18 |
| CVE-2023-20162 | Cisco Small Business 安全漏洞 — Cisco Small Business Smart and Managed SwitchesCWE-120 | 8.6 | High | 2023-05-18 |
| CVE-2023-20189 | Cisco Small Business 安全漏洞 — Cisco Small Business Smart and Managed SwitchesCWE-120 | 8.6 | High | 2023-05-18 |
| CVE-2023-20003 | Cisco Business Wireless Access Points 访问控制错误漏洞 — Cisco Business Wireless Access Point SoftwareCWE-288 | 4.7 | Medium | 2023-05-18 |
| CVE-2023-20024 | Cisco Small Business 安全漏洞 — Cisco Small Business Smart and Managed SwitchesCWE-120 | 8.6 | High | 2023-05-18 |
| CVE-2023-20156 | Cisco Small Business 安全漏洞 — Cisco Small Business Smart and Managed SwitchesCWE-120 | 8.6 | High | 2023-05-18 |
| CVE-2023-20157 | Cisco Small Business 安全漏洞 — Cisco Small Business Smart and Managed SwitchesCWE-120 | 8.6 | High | 2023-05-18 |
| CVE-2023-20158 | Cisco Small Business 安全漏洞 — Cisco Small Business Smart and Managed SwitchesCWE-120 | 8.6 | High | 2023-05-18 |
| CVE-2023-20159 | Cisco Small Business 安全漏洞 — Cisco Small Business Smart and Managed SwitchesCWE-120 | 8.6 | High | 2023-05-18 |
| CVE-2023-2745 | WordPress 路径遍历漏洞 — WordPressCWE-22 | 5.4 | Medium | 2023-05-17 |
| CVE-2023-2608 | WordPress plugin Multiple Page Generator 跨站请求伪造漏洞 — Multiple Page Generator Plugin – MPGCWE-352 | 3.1 | Low | 2023-05-17 |
| CVE-2023-2706 | WordPress plugin OTP Login Woocommerce & Gravity Forms 授权问题漏洞 — OTP Login & Register WoocommerceCWE-287 | 8.1 | High | 2023-05-17 |
| CVE-2023-2528 | WordPress plugin Contact Form by Supsystic 跨站请求伪造漏洞 — Contact Form by SupsysticCWE-352 | 5.4 | Medium | 2023-05-16 |
| CVE-2023-28076 | Dell CloudLink 加密问题漏洞 — CloudLinkCWE-327 | 5.9 | Medium | 2023-05-16 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19010 条 CVE 漏洞。