Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-17 | CVE-2023-0863 | Improper Authentication vulnerability in ABB products Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5. | 8.8 |
| 2023-05-17 | CVE-2023-2706 | Improper Authentication vulnerability in Xootix OTP Login Woocommerce & Gravity Forms The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. | 8.1 |
| 2023-05-16 | CVE-2023-2499 | Improper Authentication vulnerability in Metagauss Registrationmagic The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. | 9.8 |
| 2023-05-15 | CVE-2023-23450 | Improper Authentication vulnerability in Sick products Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead of an actual password to login to a valid user account via the REST interface. | 9.8 |
| 2023-05-12 | CVE-2023-27823 | Improper Authentication vulnerability in Optoma 1080Pstx C02 An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials. | 9.8 |
| 2023-05-12 | CVE-2023-32243 | Improper Authentication vulnerability in Wpdeveloper Essential Addons for Elementor Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. | 9.8 |
| 2023-05-11 | CVE-2023-28325 | Improper Authentication vulnerability in Rocket.Chat An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room. | 6.5 |
| 2023-05-11 | CVE-2023-0858 | Improper Authentication vulnerability in Canon products Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. | 5.3 |
| 2023-05-10 | CVE-2023-31152 | Improper Authentication vulnerability in Selinc products An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypass. | 8.8 |
| 2023-05-10 | CVE-2022-41985 | Improper Authentication vulnerability in Weston-Embedded Uc-Ftps 1.98.00 An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. | 7.5 |