Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-21 | CVE-2020-11964 | Improper Authentication vulnerability in Evenroute Iqrouter Firmware 3.3.1 In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to change the root password arbitrarily. | 7.5 |
| 2020-04-20 | CVE-2020-9277 | Improper Authentication vulnerability in Dlink Dsl-2640B Firmware Eu4.01B An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. | 9.8 |
| 2020-04-20 | CVE-2020-9070 | Improper Authentication vulnerability in Huawei Taurus-Al00B Firmware 10.0.0.133(C00E132R5P1)/10.0.0.203(C00E201R7P2)/10.0.0.41(Sp2C00E41R3P2) Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. | 5.5 |
| 2020-04-20 | CVE-2020-1803 | Improper Authentication vulnerability in Huawei Honor V20 Firmware Huawei smartphones Honor V20 with versions earlier than 10.0.0.179(C636E3R4P3),versions earlier than 10.0.0.180(C185E3R3P3),versions earlier than 10.0.0.180(C432E10R3P4) have an information disclosure vulnerability. | 5.3 |
| 2020-04-20 | CVE-2017-18850 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 8.4 |
| 2020-04-19 | CVE-2019-20786 | Improper Authentication vulnerability in Pion Dtls handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion. | 9.8 |
| 2020-04-15 | CVE-2020-7276 | Improper Authentication vulnerability in Mcafee Endpoint Security Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool. | 6.7 |
| 2020-04-13 | CVE-2020-8148 | Improper Authentication vulnerability in UI Cloud KEY Gen2 and Cloud KEY Gen2 Plus UniFi Cloud Key firmware < 1.1.6 contains a vulnerability that enables an attacker being able to change a device hostname by sending a malicious API request. | 5.3 |
| 2020-04-10 | CVE-2020-1801 | Improper Authentication vulnerability in Huawei Mate 30 Firmware and Mate 30 PRO Firmware There is an improper authentication vulnerability in several smartphones. | 5.5 |
| 2020-04-08 | CVE-2020-1637 | Improper Authentication vulnerability in Juniper Junos A vulnerability in Juniper Networks SRX Series device configured as a Junos OS Enforcer device may allow a user to access network resources that are not permitted by a UAC policy. | 6.5 |