Vulnerabilities > Authentication Bypass by Capture-replay
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-22 | CVE-2021-38459 | Authentication Bypass by Capture-replay vulnerability in Auvesy Versiondog The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. | 9.8 |
| 2021-10-07 | CVE-2021-35067 | Authentication Bypass by Capture-replay vulnerability in Meross Msg100 Firmware Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g., an attacker who sniffs a Close message can transmit an acceptable Open message). | 8.1 |
| 2021-10-06 | CVE-2021-25480 | Authentication Bypass by Capture-replay vulnerability in Google Android A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection. | 7.5 |
| 2021-09-15 | CVE-2021-27662 | Authentication Bypass by Capture-replay vulnerability in Johnsoncontrols Kantech Kt-1 Door Controller Firmware The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. | 8.1 |
| 2021-07-26 | CVE-2021-26824 | Authentication Bypass by Capture-replay vulnerability in DM Fingertool Project DM Fingertool 1.19 DM FingerTool v1.19 in the DM PD065 Secure USB is susceptible to improper authentication by a replay attack, allowing local attackers to bypass user authentication and access all features and data on the USB. | 7.1 |
| 2021-07-02 | CVE-2020-23178 | Authentication Bypass by Capture-replay vulnerability in PHP-Fusion 9.03.50 An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out, allowing for an attacker to perform a session replay attack and impersonate the victim user. | 5.4 |
| 2021-06-08 | CVE-2021-31958 | Authentication Bypass by Capture-replay vulnerability in Microsoft products Windows NTLM Elevation of Privilege Vulnerability | 7.5 |
| 2021-06-08 | CVE-2020-28713 | Authentication Bypass by Capture-replay vulnerability in Nightowlsp Smart Doorbell Firmware 20190505 Incorrect access control in push notification service in Night Owl Smart Doorbell FW version 20190505 allows remote users to send push notification events via an exposed PNS server. | 6.5 |
| 2021-05-07 | CVE-2021-27572 | Authentication Bypass by Capture-replay vulnerability in Remotemouse Emote Remote Mouse An issue was discovered in Emote Remote Mouse through 4.0.0.0. | 8.1 |
| 2021-02-09 | CVE-2021-22267 | Authentication Bypass by Capture-replay vulnerability in HPE web Viewpoint Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^AAF, T0665L01^AAP, and T0662L01^AAP (L) and T0320H01^ABO through T0320H01^ABY, T0952H01^AAG through T0952H01^AAQ, T0986H01 through T0986H01^AAE, T0665H01^AAO, and T0662H01^AAO (J and H). | 5.9 |