Vulnerabilities > Authentication Bypass by Capture-replay

DATE CVE VULNERABILITY TITLE RISK
2023-05-24 CVE-2023-31759 Authentication Bypass by Capture-replay vulnerability in Keruistore Kerui W18 Firmware 1.0
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack.
high complexity
keruistore CWE-294
7.5
2023-05-24 CVE-2023-31761 Authentication Bypass by Capture-replay vulnerability in Blitzwolf Bw-Is22 Firmware 1.0
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows attackers to gain full access to the system via a code replay attack.
high complexity
blitzwolf CWE-294
7.5
2023-05-24 CVE-2023-31762 Authentication Bypass by Capture-replay vulnerability in Mydigoo Dg-Hamb Firmware 1.0
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a code replay attack.
high complexity
mydigoo CWE-294
7.5
2023-05-24 CVE-2023-31763 Authentication Bypass by Capture-replay vulnerability in Agshome Smart Alarm Project Agshome Smart Alarm Firmware 1.0
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access to the system via a code replay attack.
7.5
2023-05-22 CVE-2023-33281 Authentication Bypass by Capture-replay vulnerability in Nissan Sylphy Classic 2021 Firmware
The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack.
low complexity
nissan CWE-294
6.5
2023-04-21 CVE-2022-47930 Authentication Bypass by Capture-replay vulnerability in Iofinnet Tss-Lib
An issue was discovered in IO FinNet tss-lib before 2.0.0.
network
high complexity
iofinnet CWE-294
6.8
2023-04-05 CVE-2023-20123 Authentication Bypass by Capture-replay vulnerability in Cisco DUO and DUO Authentication for Windows Logon and RDP
A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP could allow an unauthenticated, physical attacker to replay valid user session credentials and gain unauthorized access to an affected macOS or Windows device.
low complexity
cisco CWE-294
4.6
2023-03-14 CVE-2023-23397 Authentication Bypass by Capture-replay vulnerability in Microsoft products
Microsoft Outlook Elevation of Privilege Vulnerability
network
low complexity
microsoft CWE-294
critical
9.8
2023-01-20 CVE-2022-43704 Authentication Bypass by Capture-replay vulnerability in Sinilink Xy-Wft1 Firmware 1.3.6
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT.
network
high complexity
sinilink CWE-294
5.9
2023-01-09 CVE-2023-0035 Authentication Bypass by Capture-replay vulnerability in Openatom Openharmony
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
local
low complexity
openatom CWE-294
7.8