Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-12	CVE-2021-26753	Incorrect Authorization vulnerability in Nedi 1.9C NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. network low complexity nedi CWE-863 critical	9.9
2021-02-10	CVE-2021-27177	Incorrect Authorization vulnerability in Fiberhome Hg6245D Firmware Rp2613 An issue was discovered on FiberHome HG6245D devices through RP2613. network low complexity fiberhome CWE-863 critical	9.8
2021-02-05	CVE-2020-8806	Incorrect Authorization vulnerability in Electriccoin Zcashd Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. network low complexity electriccoin CWE-863	7.5
2021-02-04	CVE-2020-27873	Incorrect Authorization vulnerability in Netgear products This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. low complexity netgear CWE-863	6.5
2021-02-03	CVE-2021-25777	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. network low complexity jetbrains CWE-863	5.3
2021-02-03	CVE-2021-25774	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. network low complexity jetbrains CWE-863	4.3
2021-02-02	CVE-2019-25017	Incorrect Authorization vulnerability in MIT Krb5-Appl An issue was discovered in rcp in MIT krb5-appl through 1.0.3. network high complexity mit CWE-863	5.9
2021-01-29	CVE-2020-29605	Incorrect Authorization vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.4. network low complexity mantisbt CWE-863	4.3
2021-01-28	CVE-2021-3337	Incorrect Authorization vulnerability in Hide Thread Content Project Hide Thread Content 1.0 The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit. network low complexity hide-thread-content-project CWE-863	7.5
2021-01-28	CVE-2020-1725	Incorrect Authorization vulnerability in Redhat Keycloak A flaw was found in keycloak before version 13.0.0. network low complexity redhat CWE-863	5.4

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization