access:pre-auth 类型相关 19065 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2021-27631 | SAP Netweaver和SAP NetWeaver AS ABAP Business Server 代码问题漏洞 — SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server)CWE-476 | 7.5 | - | 2021-06-09 |
| CVE-2021-27632 | SAP Netweaver 代码问题漏洞 — SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server)CWE-476 | 7.5 | - | 2021-06-09 |
| CVE-2021-27633 | SAP Netweaver 缓冲区错误漏洞 — SAP NetWeaver AS for ABAP (RFC Gateway)CWE-787 | 7.5 | - | 2021-06-09 |
| CVE-2021-27634 | SAP Netweaver 缓冲区错误漏洞 — SAP NetWeaver AS for ABAP (RFC Gateway)CWE-787 | 7.5 | - | 2021-06-09 |
| CVE-2021-26472 | Vembu BDR Suite 操作系统命令注入漏洞 — n/a | 10.0 | Critical | 2021-06-08 |
| CVE-2021-26471 | Vembu BDR Suite 命令注入漏洞 — n/a | 9.8 | Critical | 2021-06-08 |
| CVE-2021-21559 | Dell EMC NetWorker 信任管理问题漏洞 — NetWorkerCWE-295 | 7.1 | High | 2021-06-08 |
| CVE-2021-28293 | Seceon aiSIEM 授权问题漏洞 — n/a | 9.8 | - | 2021-06-08 |
| CVE-2021-22214 | GitLab 代码问题漏洞 — GitLab | 6.8 | Medium | 2021-06-08 |
| CVE-2021-24340 | WordPress 插件SQL注入漏洞 — WP StatisticsCWE-89 | 7.5 | - | 2021-06-07 |
| CVE-2020-29321 | D-Link DIR-868L 信息泄露漏洞 — D-Link Router DIR-868L | 7.5 | - | 2021-06-04 |
| CVE-2020-29324 | D-Link DIR-895L MFC 信息泄露漏洞 — D-Link Router DIR-895L | 7.5 | - | 2021-06-04 |
| CVE-2020-29323 | D-Link DIR-885L MFC 信息泄露漏洞 — D-Link Router DIR-885L-MFC | 7.5 | - | 2021-06-04 |
| CVE-2020-29322 | D-Link DIR-880L 信息泄露漏洞 — D-Link Router DIR-880L | 7.5 | - | 2021-06-04 |
| CVE-2021-1564 | Cisco Video Surveillance Manager 资源管理错误漏洞 — Cisco Video Surveillance 7000 Series IP CamerasCWE-400 | 6.5 | Medium | 2021-06-04 |
| CVE-2021-1563 | Cisco Video Surveillance Manager 资源管理错误漏洞 — Cisco Video Surveillance 7000 Series IP CamerasCWE-400 | 6.5 | Medium | 2021-06-04 |
| CVE-2021-1537 | Cisco ThousandEyes Recorder 安全漏洞 — Cisco ThousandEyes Recorder ApplicationCWE-522 | 6.2 | Medium | 2021-06-04 |
| CVE-2021-1525 | Cisco Webex Meetings 输入验证错误漏洞 — Cisco WebEx Meetings ServerCWE-601 | 4.7 | Medium | 2021-06-04 |
| CVE-2021-23894 | Mcafee Database Security Server 代码问题漏洞 — McAfee Database Security (DBSec)CWE-502 | 9.6 | Critical | 2021-06-02 |
| CVE-2021-31641 | CHIYU科技BF-630W 跨站脚本漏洞 — n/a | 6.1 | - | 2021-06-01 |
| CVE-2020-4561 | IBM Cognos Analytics 授权问题漏洞 — Cognos Analytics | 9.1 | - | 2021-05-31 |
| CVE-2021-25641 | Apache Dubbo 代码问题漏洞 — Apache Dubbo | 9.8 | - | 2021-05-29 |
| CVE-2020-15782 | Siemens SIMATIC S7-1500 CPU和SIMATIC S7-1500 缓冲区错误漏洞 — SIMATIC Drive Controller familyCWE-119 | 9.1 | - | 2021-05-28 |
| CVE-2021-20237 | ZeroMQ 资源管理错误漏洞 — zeromqCWE-400 | 7.5 | - | 2021-05-28 |
| CVE-2021-32542 | CTS Web transaction system 跨站脚本漏洞 — CTS WebCWE-79 | 4.7 | Medium | 2021-05-28 |
| CVE-2021-32541 | 嘉实资讯 CTS Web transaction system 授权问题漏洞 — CTS Web | 5.3 | Medium | 2021-05-28 |
| CVE-2021-27852 | Checkbox Survey 代码问题漏洞 — Survey | 9.8 | Critical | 2021-05-27 |
| CVE-2020-14387 | rsync rsync-ssl 存在安全漏洞 — rsyncCWE-297 | 7.4 | - | 2021-05-27 |
| CVE-2021-22891 | Citrix Systems Citrix ShareFile 安全漏洞 — Citrix ShareFile Storage Zones ControllerCWE-862 | 9.8 | - | 2021-05-27 |
| CVE-2021-22911 | Rocket.Chat 安全漏洞 — Rocket.Chat serverCWE-75 | 9.8 | - | 2021-05-27 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19065 条 CVE 漏洞。