Vulnerabilities > Improper Authentication

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-04	CVE-2025-0890	UNSUPPORTED WHEN ASSIGNED Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but fail to do so. network low complexity CWE-287 critical	9.8
2025-01-08	CVE-2023-52955	Improper Authentication vulnerability in Huawei Emui and Harmonyos Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. network low complexity huawei CWE-287	7.5
2025-01-08	CVE-2024-56445	Improper Authentication vulnerability in Huawei Harmonyos 5.0.0 Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. network low complexity huawei CWE-287	5.3
2025-01-07	CVE-2024-12264	The PayU CommercePro Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.8.3. network low complexity CWE-287 critical	9.8
2024-12-18	CVE-2024-12287	The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.0.2. network low complexity CWE-287 critical	9.8
2024-12-12	CVE-2024-10111	The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.26.3. network high complexity CWE-287	8.1
2024-12-12	CVE-2024-11015	The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.8.0. network low complexity CWE-287 critical	9.8
2024-12-11	CVE-2024-47761	Improper Authentication vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. network low complexity glpi-project CWE-287	7.2
2024-11-26	CVE-2016-10394	Improper Authentication vulnerability in Qualcomm products Initial xbl_sec revision does not have all the debug policy features and critical checks. local low complexity qualcomm CWE-287	7.8
2024-11-26	CVE-2018-11952	Improper Authentication vulnerability in Qualcomm products An image with a version lower than the fuse version may potentially be booted lead to improper authentication. local low complexity qualcomm CWE-287	7.8

Vulnerabilities > Improper Authentication {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Improper Authentication"}]}

Vulnerabilities > Improper Authentication