Vulnerabilities > Authentication Bypass by Capture-replay
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-11 | CVE-2019-3915 | Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway G1100 Firmware 02.01.00.05 Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface. | 5.4 |
2019-03-21 | CVE-2018-15498 | Authentication Bypass by Capture-replay vulnerability in Ysoft Safeq Server Client 6.0.13.1 YSoft SafeQ Server 6 allows a replay attack. | 6.8 |
2018-11-01 | CVE-2018-7356 | Authentication Bypass by Capture-replay vulnerability in ZTE Zxr10 8905E Firmware All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections. | 5.0 |
2018-10-10 | CVE-2018-13789 | Authentication Bypass by Capture-replay vulnerability in Descor Infocad FM An issue was discovered in Descor Infocad FM before 3.1.0.0. | 5.0 |
2018-09-18 | CVE-2018-17176 | Authentication Bypass by Capture-replay vulnerability in Neatorobotics products A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. | 5.0 |
2018-09-14 | CVE-2018-16242 | Authentication Bypass by Capture-replay vulnerability in O.Bike products oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext based on a predictable nonce used in the locking protocol. | 2.9 |
2018-08-29 | CVE-2018-7790 | Authentication Bypass by Capture-replay vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5 An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). | 7.5 |
2017-10-13 | CVE-2017-11786 | Authentication Bypass by Capture-replay vulnerability in Microsoft Lync and Skype for Business Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to steal an authentication hash that can be reused elsewhere, due to how Skype for Business handles authentication requests, aka "Skype for Business Elevation of Privilege Vulnerability." | 9.3 |
2017-03-12 | CVE-2017-6823 | Authentication Bypass by Capture-replay vulnerability in Fiyo CMS 2.0.6.1 Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level parameter to dapur/ in an app=user&act=edit action. | 6.5 |
2002-03-08 | CVE-2002-0054 | Authentication Bypass BY Capture-Replay vulnerability in Microsoft Exchange Server and Windows 2000 SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials. | 7.5 |