access:pre-auth 类型相关 19065 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2022-23970 | ASUS RT-AX56U 路径遍历漏洞 — RT-AX56UCWE-22 | 8.1 | High | 2022-04-07 |
| CVE-2022-22519 | 3S-Smart Software Solutions CODESYS Control 缓冲区错误漏洞 — CODESYS Control RTE (SL)CWE-126 | 7.5 | High | 2022-04-07 |
| CVE-2022-22517 | CODESYS 安全特征问题漏洞 — CODESYS Control RTE (SL)CWE-334 | 7.5 | High | 2022-04-07 |
| CVE-2020-22253 | 多款 Xiongmai 产品安全漏洞 — n/a | 9.8 | - | 2022-04-06 |
| CVE-2022-26591 | FANTEC MWiD25-DS 授权问题漏洞 — n/a | 7.5 | - | 2022-04-06 |
| CVE-2022-20756 | Cisco Identity Services Engine 资源管理错误漏洞 — Cisco Identity Services Engine SoftwareCWE-399 | 8.6 | High | 2022-04-06 |
| CVE-2022-20675 | 多款 Cisco 产品安全漏洞 — Cisco Web Security Appliance (WSA)CWE-248 | 5.3 | Medium | 2022-04-06 |
| CVE-2022-20774 | Cisco IP Phone 跨站请求伪造漏洞 — Cisco IP Phone 7800 Series with Multiplatform FirmwareCWE-345 | 6.8 | Medium | 2022-04-06 |
| CVE-2022-20784 | Cisco Web Security Appliance 输入验证错误漏洞 — Cisco Web Security Appliance (WSA)CWE-20 | 5.8 | Medium | 2022-04-06 |
| CVE-2021-22127 | Fortinet FortiClient 操作系统命令注入漏洞 — Fortinet FortiClientLinux | 7.1 | High | 2022-04-06 |
| CVE-2021-43205 | Fortinet FortiClient 信息泄露漏洞 — Fortinet FortiClientLinux | 4.3 | Medium | 2022-04-06 |
| CVE-2021-32593 | Fortinet FortiWan 加密问题漏洞 — Fortinet FortiWAN | 6.5 | Medium | 2022-04-06 |
| CVE-2021-26114 | Fortinet FortiWan SQL注入漏洞 — Fortinet FortiWAN | 9.8 | Critical | 2022-04-06 |
| CVE-2021-26112 | Fortinet FortiWAN 缓冲区错误漏洞 — Fortinet FortiWAN | 8.1 | High | 2022-04-06 |
| CVE-2022-23441 | Fortinet FortiEDR 信任管理问题漏洞 — Fortinet FortiEDR | 9.1 | Critical | 2022-04-06 |
| CVE-2022-1248 | SAP Information System 访问控制错误漏洞 — SAP Information SystemCWE-287 | 7.3 | High | 2022-04-06 |
| CVE-2021-30497 | Ivanti Avalanche 路径遍历漏洞 — n/a | 7.5 | - | 2022-04-06 |
| CVE-2022-26952 | Digi Passport 缓冲区错误漏洞 — n/a | 9.1 | - | 2022-04-06 |
| CVE-2022-28219 | ZOHO ManageEngine ADAudit Plus 代码问题漏洞 — n/a | 9.8 | - | 2022-04-05 |
| CVE-2022-23698 | Hewlett Packard Enterprise OneView 安全漏洞 — HPE OneView | 7.5 | - | 2022-04-04 |
| CVE-2022-25569 | Bettini Srl GAMS Product Line信任管理问题漏洞 — n/a | 9.8 | - | 2022-04-04 |
| CVE-2022-1167 | WordPress plugin CareerUp Careerup WordPress theme 跨站脚本漏洞 — CareerupCWE-79 | 6.1 | - | 2022-04-04 |
| CVE-2022-0709 | WordPress plugin Booking Package信息泄露漏洞 — Booking Package – Appointment Booking Calendar SystemCWE-200 | 7.5 | - | 2022-04-04 |
| CVE-2022-25160 | Mitsubishi Electric Factory Automation 安全漏洞 — Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU; Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU; Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU; Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU; Mitsubishi Electric MELSEC iQ-R series R16/32/64MTCPU; Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4); Mitsubishi Electric MELSEC iQ-R series RJ71EN71; Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2; Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU; Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU; Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4); Mitsubishi Electric MELSEC Q series QJ71E71-100 | 7.5 | - | 2022-04-01 |
| CVE-2022-25159 | Mitsubishi Electric MELSEC iQ-F series 安全漏洞 — Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU; Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU; Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU; Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU; Mitsubishi Electric MELSEC iQ-R series R16/32/64MTCPU; Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4); Mitsubishi Electric MELSEC iQ-R series RJ71EN71; Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2; Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU; Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU; Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4); Mitsubishi Electric MELSEC Q series QJ71E71-100 | 8.1 | - | 2022-04-01 |
| CVE-2022-25157 | Mitsubishi Electric MELSEC iQ-F series 授权问题漏洞 — Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU; Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU; Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU; Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU; Mitsubishi Electric MELSEC iQ-R series R16/32/64MTCPU; Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4); Mitsubishi Electric MELSEC iQ-R series RJ71EN71; Mitsubishi Electric MELSEC iQ-R series RJ71GF11-T2; Mitsubishi Electric MELSEC iQ-R series RJ71GP21(S)-SX; Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2; Mitsubishi Electric MELSEC Q series Q03UDECPU; Mitsubishi Electric MELSEC Q series Q04/06/10/13/20/26/50/100UDEHCPU; Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU; Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU; Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4); Mitsubishi Electric MELSEC Q series QJ71E71-100; Mitsubishi Electric MELSEC L series L02/06/26CPU(-P); Mitsubishi Electric MELSEC L series L26CPU-(P)BT; Mitsubishi Electric MELSEC L series LJ71C24(-R2); Mitsubishi Electric MELSEC L series LJ71E71-100; Mitsubishi Electric MELSEC L series LJ72GF15-T2 | 7.4 | - | 2022-04-01 |
| CVE-2022-25155 | Mitsubishi Electric MELSEC iQ-F series 授权问题漏洞 — Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU; Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU; Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU; Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU; Mitsubishi Electric MELSEC iQ-R series RJ71GN11-T2; Mitsubishi Electric MELSEC iQ-R series RJ71GN11-EIP; Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4); Mitsubishi Electric MELSEC iQ-R series RJ71EN71; Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2; Mitsubishi Electric MELSEC Q series Q03UDECPU; Mitsubishi Electric MELSEC Q series Q04/06/10/13/20/26/50/100UDEHCPU; Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU; Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU; Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4); Mitsubishi Electric MELSEC Q series QJ71E71-100; Mitsubishi Electric MELSEC Q series QJ72BR15; Mitsubishi Electric MELSEC Q series QJ72LP25(-25/G/GE); Mitsubishi Electric MELSEC L series L02/06/26CPU(-P); Mitsubishi Electric MELSEC L series L26CPU-(P)BT; Mitsubishi Electric MELSEC L series LJ71C24(-R2); Mitsubishi Electric MELSEC L series LJ71E71-100; Mitsubishi Electric MELSEC L series LJ72GF15-T2 | 7.4 | - | 2022-04-01 |
| CVE-2022-25156 | Mitsubishi Electric MELSEC iQ-F series 加密问题漏洞 — Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU; Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU; Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU; Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU; Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU; Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4); Mitsubishi Electric MELSEC iQ-R series RJ71EN71; Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2; Mitsubishi Electric MELSEC Q series Q03UDECPU; Mitsubishi Electric MELSEC Q series Q04/06/10/13/20/26/50/100UDEHCPU; Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU; Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU; Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4); Mitsubishi Electric MELSEC Q series QJ71E71-100; Mitsubishi Electric MELSEC Q series QJ72BR15; Mitsubishi Electric MELSEC Q series QJ72LP25(-25/G/GE); Mitsubishi Electric MELSEC L series L02/06/26CPU(-P); Mitsubishi Electric MELSEC L series L26CPU-(P)BT; Mitsubishi Electric MELSEC L series LJ71C24(-R2); Mitsubishi Electric MELSEC L series LJ71E71-100; Mitsubishi Electric MELSEC L series LJ72GF15-T2 | 7.4 | - | 2022-04-01 |
| CVE-2021-32503 | SICK FieldEcho 资源管理错误漏洞 — SICK FTMgCWE-862 | 8.2 | - | 2022-04-01 |
| CVE-2021-20238 | Red Hat OpenShift Container Platform 访问控制错误漏洞 — openshift/machine-config-operatorCWE-287 | 5.9 | - | 2022-04-01 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19065 条 CVE 漏洞。