Vulnerabilities > Authentication Bypass by Capture-replay
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-18 | CVE-2022-41541 | Authentication Bypass by Capture-replay vulnerability in Tp-Link Ax10 Firmware V1211117 TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. | 8.1 |
2022-10-14 | CVE-2022-2780 | Authentication Bypass by Capture-replay vulnerability in Octopus Server In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for an NTLM relay attack. | 8.1 |
2022-10-11 | CVE-2022-42731 | Authentication Bypass by Capture-replay vulnerability in Django-Mfa2 Project Django-Mfa2 mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. | 7.5 |
2022-09-13 | CVE-2022-37011 | Authentication Bypass by Capture-replay vulnerability in Mendix Saml A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions < V1.17.0), Mendix SAML (Mendix 8 compatible) (All versions < V2.3.0), Mendix SAML (Mendix 9 compatible, New Track) (All versions < V3.3.1), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions < V3.3.0). | 9.8 |
2022-07-15 | CVE-2022-31158 | Authentication Bypass by Capture-replay vulnerability in Packback LTI 1.3 Tool Library LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. | 7.5 |
2022-07-14 | CVE-2022-29593 | Authentication Bypass by Capture-replay vulnerability in Dingtian-Tech Dt-R004 Firmware 3.1.276A relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request. | 5.9 |
2022-07-04 | CVE-2022-33208 | Authentication Bypass by Capture-replay vulnerability in Omron products Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who can analyze the communication between the affected controller and automation software 'Sysmac Studio' and/or a Programmable Terminal (PT) to access the controller. | 6.8 |
2022-07-04 | CVE-2022-33971 | Authentication Bypass by Capture-replay vulnerability in Omron products Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow an adjacent attacker who can analyze the communication between the controller and the specific software used by OMRON internally to cause a denial-of-service (DoS) condition or execute a malicious program. | 5.4 |
2022-06-29 | CVE-2022-30467 | Authentication Bypass by Capture-replay vulnerability in Joyebike Wolf 2022 Firmware Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of service, which allows remote attackers to jam the key fob request via RF. | 4.3 |
2022-06-16 | CVE-2022-31277 | Authentication Bypass by Capture-replay vulnerability in MI Xiaomi Lamp 1 Firmware 2.0.40066 Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. | 5.8 |