Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2022-05-20 CVE-2021-30028 Improper Authentication vulnerability in Sooteway Wi-Fi Range Extender Project Sooteway Wi-Fi Range Extender 1.5
SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password for the admin account) to access the TELNET service, allowing attackers to erase/read/write the firmware remotely.
7.2
2022-05-20 CVE-2022-28106 Improper Authentication vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request.
network
low complexity
online-sports-complex-booking-system-project CWE-287
critical
9.8
2022-05-18 CVE-2021-42849 Improper Authentication vulnerability in Lenovo products
A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical access.
low complexity
lenovo CWE-287
6.8
2022-05-18 CVE-2022-28955 Improper Authentication vulnerability in Dlink Dir-816L Firmware 206B01
An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php.
network
low complexity
dlink CWE-287
7.5
2022-05-12 CVE-2022-22796 Improper Authentication vulnerability in Sysaid
Sysaid – Sysaid System Takeover - An attacker can bypass the authentication process by accessing /wmiwizard.jsp, then /ConcurrentLogin.jsp, and then clicking the login button, which redirects to /home.jsp without any authentication.
network
low complexity
sysaid CWE-287
critical
9.8
2022-05-12 CVE-2021-0193 Improper Authentication vulnerability in IBM In-Band Manageability
Improper authentication in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access.
network
low complexity
ibm CWE-287
7.2
2022-05-12 CVE-2021-33083 Improper Authentication vulnerability in Intel products
Improper authentication in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-287
4.4
2022-05-12 CVE-2022-1681 Improper Authentication vulnerability in Requarks Wiki.Js
Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281.
network
low complexity
requarks CWE-287
7.2
2022-05-11 CVE-2022-1426 Improper Authentication vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1.
network
high complexity
gitlab CWE-287
3.7
2022-05-06 CVE-2022-21934 Improper Authentication vulnerability in Johnsoncontrols products
Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.
network
low complexity
johnsoncontrols CWE-287
8.8