Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-05 | CVE-2022-25989 | Authentication Bypass by Spoofing vulnerability in Anker Eufy Homebase 2 Firmware 2.1.8.5H An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of Anker Eufy Homebase 2 2.1.8.5h. | 8.8 |
| 2022-03-06 | CVE-2022-26505 | Authentication Bypass by Spoofing vulnerability in multiple products A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files. | 7.4 |
| 2022-02-24 | CVE-2022-21142 | Authentication Bypass by Spoofing vulnerability in Appleple A-Blog CMS Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass authentication under the specific condition. | 9.8 |
| 2022-02-11 | CVE-2022-24112 | Authentication Bypass by Spoofing vulnerability in Apache Apisix An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. | 9.8 |
| 2022-01-13 | CVE-2022-23131 | Authentication Bypass by Spoofing vulnerability in Zabbix In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. | 9.8 |
| 2021-12-15 | CVE-2021-42320 | Authentication Bypass by Spoofing vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server Microsoft SharePoint Server Spoofing Vulnerability | 5.7 |
| 2021-12-07 | CVE-2021-40288 | Authentication Bypass by Spoofing vulnerability in Tp-Link Archer Ax10 Firmware 230220/230508 A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames | 7.5 |
| 2021-10-07 | CVE-2021-41130 | Authentication Bypass by Spoofing vulnerability in Google Extensible Service Proxy Extensible Service Proxy, a.k.a. | 5.4 |
| 2021-10-06 | CVE-2020-19003 | Authentication Bypass by Spoofing vulnerability in Liftoffsoftware Gate ONE 1.2.0 An issue in Gate One 1.2.0 allows attackers to bypass to the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list. | 5.3 |
| 2021-09-27 | CVE-2021-41753 | Authentication Bypass by Spoofing vulnerability in Dlink Dir-X1560 Firmware and Dir-X6060 Firmware A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in D-Link DIR-X1560, v1.04B04, and DIR-X6060, v1.11B04 allows a remote unauthenticated attacker to disconnect a wireless client via sending specific spoofed SAE authentication frames. | 7.5 |