access:pre-auth 类型相关 19017 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2023-0457 | Mitsubishi Electric MELSEC iQ-F series 信息泄露漏洞 — MELSEC iQ-F Series FX5U-32MT/ESCWE-256 | 7.5 | High | 2023-03-03 |
| CVE-2022-41862 | PostgreSQL 安全漏洞 — postgresqlCWE-200 | 3.7 | - | 2023-03-03 |
| CVE-2023-20078 | Cisco IP Phone 缓冲区错误漏洞 — Cisco IP Phones with Multiplatform FirmwareCWE-121 | 9.8 | Critical | 2023-03-03 |
| CVE-2023-20079 | Cisco IP Phone 缓冲区错误漏洞 — Cisco IP Phones with Multiplatform FirmwareCWE-121 | 9.8 | Critical | 2023-03-03 |
| CVE-2023-20088 | Cisco Finesse 授权问题漏洞 — Cisco Unified Contact Center EnterpriseCWE-285 | 5.3 | Medium | 2023-03-03 |
| CVE-2023-20104 | Cisco Webex 跨站脚本漏洞 — Cisco Webex TeamsCWE-79 | 6.1 | Medium | 2023-03-03 |
| CVE-2023-26052 | Saleor 安全漏洞 — saleorCWE-209 | 3.7 | Low | 2023-03-02 |
| CVE-2023-0084 | WordPress plugin Metform Elementor Contact Form Builder 跨站脚本漏洞 — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-79 | 7.2 | High | 2023-03-02 |
| CVE-2023-0085 | WordPress Plugin Metform Elementor Contact Form Builder 安全漏洞 — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-693 | 5.3 | Medium | 2023-03-02 |
| CVE-2023-0656 | SonicWALL SonicOS 缓冲区错误漏洞 — SonicOSCWE-121 | 7.5 | - | 2023-03-02 |
| CVE-2023-23689 | Dell PowerScale OneFS 资源管理错误漏洞 — PowerScale OneFSCWE-400 | 5.3 | Medium | 2023-02-28 |
| CVE-2023-22757 | Aruba Networks ArubaOS 安全漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 8.1 | High | 2023-02-28 |
| CVE-2023-22756 | Aruba Networks ArubaOS 安全漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 8.1 | High | 2023-02-28 |
| CVE-2023-22755 | Aruba Networks ArubaOS 安全漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 8.1 | High | 2023-02-28 |
| CVE-2023-22754 | Aruba Networks ArubaOS 安全漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 8.1 | High | 2023-02-28 |
| CVE-2023-22753 | Aruba Networks ArubaOS 安全漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 8.1 | High | 2023-02-28 |
| CVE-2023-22752 | Aruba Networks ArubaOS 缓冲区错误漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 9.8 | Critical | 2023-02-28 |
| CVE-2023-22751 | Aruba Networks ArubaOS 缓冲区错误漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 9.8 | Critical | 2023-02-28 |
| CVE-2023-22750 | Aruba Networks ArubaOS 命令注入漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 9.8 | Critical | 2023-02-28 |
| CVE-2023-22749 | Aruba Networks ArubaOS 命令注入漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 9.8 | Critical | 2023-02-28 |
| CVE-2023-22748 | Aruba Networks ArubaOS 命令注入漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 9.8 | Critical | 2023-02-28 |
| CVE-2023-22747 | Aruba Networks ArubaOS 命令注入漏洞 — Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central | 9.8 | Critical | 2023-02-28 |
| CVE-2023-1028 | WordPress plugin WP Meta SEO 跨站请求伪造漏洞 — WP Meta SEOCWE-352 | 4.3 | Medium | 2023-02-28 |
| CVE-2023-1080 | WordPress plugin GN Publisher 跨站脚本漏洞 — GN Publisher: Google News Compatible RSS FeedsCWE-79 | 6.1 | Medium | 2023-02-28 |
| CVE-2023-25264 | Tornado 授权问题漏洞 — n/a | 7.5 | - | 2023-02-28 |
| CVE-2023-26255 | Jira plugin STAGIL Navigation 路径遍历漏洞 — n/a | 7.5 | - | 2023-02-28 |
| CVE-2023-26256 | Jira plugin STAGIL Navigation 路径遍历漏洞 — n/a | 7.5 | - | 2023-02-28 |
| CVE-2023-27293 | OpenCats 跨站脚本漏洞 — OpenCATS | 6.1 | - | 2023-02-28 |
| CVE-2023-0331 | WordPress Plugin Correos Oficial SQL注入漏洞 — Correos Oficial | 7.5 | - | 2023-02-27 |
| CVE-2022-45140 | 多款WAGO产品 访问控制错误漏洞 — Compact Controller CC100 (751-9301)CWE-306 | 9.8 | Critical | 2023-02-27 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19017 条 CVE 漏洞。