Vulnerabilities > Authentication Bypass Using an Alternate Path or Channel

DATE CVE VULNERABILITY TITLE RISK
2024-10-01 CVE-2024-9106 The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0.
network
low complexity
CWE-288
critical
9.8
2024-07-18 CVE-2024-5620 Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics Apinizer Management Console allows Authentication Bypass.This issue affects Apinizer Management Console: before 2024.05.1.
network
low complexity
CWE-288
6.5
2023-10-11 CVE-2023-4957 Authentication Bypass Using an Alternate Path or Channel vulnerability in Zebra Zt410 Firmware
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer.
low complexity
zebra CWE-288
4.3
2023-09-19 CVE-2023-42793 Authentication Bypass Using an Alternate Path or Channel vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
network
low complexity
jetbrains CWE-288
critical
9.8
2023-09-14 CVE-2023-4702 Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas
Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas allows Authentication Bypass.This issue affects Digital Yepas: before 1.0.1.
network
low complexity
yepas CWE-288
critical
9.8
2023-09-11 CVE-2023-41256 Authentication Bypass Using an Alternate Path or Channel vulnerability in Doverfuelingsolutions Maglink LX web Console Configuration
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attacker to obtain user access.
network
low complexity
doverfuelingsolutions CWE-288
critical
9.1
2022-06-01 CVE-2022-31022 Authentication Bypass Using an Alternate Path or Channel vulnerability in Couchbase Bleve
Bleve is a text indexing library for go.
local
low complexity
couchbase CWE-288
2.1
2021-12-27 CVE-2021-33017 Authentication Bypass Using an Alternate Path or Channel vulnerability in Philips products
The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires authentication, but the product has an alternate path or channel that does not require authentication.
low complexity
philips CWE-288
5.8
2021-12-23 CVE-2021-43985 Authentication Bypass Using an Alternate Path or Channel vulnerability in Myscada Mypro 7/7.0.26
An unauthenticated remote attacker can access mySCADA myPRO Versions 8.20.0 and prior without any form of authentication or authorization.
network
low complexity
myscada CWE-288
7.5
2021-12-21 CVE-2021-27453 Authentication Bypass Using an Alternate Path or Channel vulnerability in Mesalabs Amegaview
Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access.
network
low complexity
mesalabs CWE-288
7.5