Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-29 | CVE-2013-3317 | Improper Authentication vulnerability in Netgear Wnr1000 Firmware Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. | 9.8 |
| 2020-01-29 | CVE-2013-3316 | Improper Authentication vulnerability in Netgear Wnr1000 Firmware Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg". | 9.8 |
| 2020-01-29 | CVE-2013-3215 | Improper Authentication vulnerability in Vtiger CRM vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function. | 9.8 |
| 2020-01-29 | CVE-2013-2569 | Improper Authentication vulnerability in Zavio F3105 Firmware and F312A Firmware A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream. | 7.5 |
| 2020-01-28 | CVE-2013-3071 | Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. | 9.8 |
| 2020-01-28 | CVE-2013-1600 | Improper Authentication vulnerability in Dlink Dcs-2102 Firmware and Dcs-2121 Firmware An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. | 5.3 |
| 2020-01-28 | CVE-2013-4863 | Improper Authentication vulnerability in Micasaverde Veralite Firmware 1.5.408 The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag. | 8.8 |
| 2020-01-28 | CVE-2019-15585 | Improper Authentication vulnerability in Gitlab Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account. | 9.8 |
| 2020-01-27 | CVE-2019-19825 | Improper Authentication vulnerability in Totolink products On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. | 9.8 |
| 2020-01-27 | CVE-2013-4462 | Improper Authentication vulnerability in Portable PHPmyadmin Project Portable PHPmyadmin WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability | 9.1 |