Vulnerabilities > Authentication Bypass by Capture-replay
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-11 | CVE-2023-50128 | Authentication Bypass by Capture-replay vulnerability in Hozard Alarm System 1.0 The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state. | 5.3 |
2023-12-05 | CVE-2022-46480 | Authentication Bypass by Capture-replay vulnerability in U-Tec Ultraloq UL3 BT Firmware 02.27.0012 Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range. | 8.1 |
2023-11-17 | CVE-2023-39547 | Authentication Bypass by Capture-replay vulnerability in NEC products CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | 8.8 |
2023-10-19 | CVE-2023-36857 | Authentication Bypass by Capture-replay vulnerability in Bakerhughes Bentley Nevada 3500 System Firmware 5.0.5 Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access. | 6.5 |
2023-08-31 | CVE-2023-20900 | Authentication Bypass by Capture-replay vulnerability in multiple products A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . | 7.5 |
2023-07-20 | CVE-2023-34625 | Authentication Bypass by Capture-replay vulnerability in Showmojo Mojobox Firmware 1.4 ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. | 8.1 |
2023-07-06 | CVE-2022-48507 | Authentication Bypass by Capture-replay vulnerability in Huawei Emui and Harmonyos Vulnerability of identity verification being bypassed in the storage module. | 7.5 |
2023-06-30 | CVE-2023-2846 | Authentication Bypass by Capture-replay vulnerability in Mitsubishielectric products Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticated attacker to cancel the password/keyword setting and login to the affected products by sending specially crafted packets. | 9.1 |
2023-06-22 | CVE-2023-34553 | Authentication Bypass by Capture-replay vulnerability in Wafucn Wafu Keyless Smart Lock Firmware 1.0 An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via code replay attack. | 6.5 |
2023-06-13 | CVE-2023-33621 | Authentication Bypass by Capture-replay vulnerability in Gl-Inet Gl-Ar750S Firmware 3.215 GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. | 5.9 |