CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,374 vulnerabilities with CWE-287
CVE-2013-3071 CRITICAL
NETGEAR Centria WNDR4700 - Auth Bypass
CVSS 9.8
CVE-2013-1600 MEDIUM
D-Link DCS-2102 and DCS-2121 Firmware - Authentication Bypass via UPnP ASF-MP4 Streaming
CVSS 5.3
CVE-2013-4863 HIGH
MiCasaVerde VeraLite <1.5.408 - RCE
CVSS 8.8
CVE-2013-4462 CRITICAL
WordPress Portable phpMyAdmin Plugin - Authentication Bypass
CVSS 9.1
CVE-2013-1596 MEDIUM
Vivotek PT7135 Firmware 0300a and 0400a - Authentication Bypass via RTSP Packet
CVSS 5.3
CVE-2013-5122 CRITICAL
Cisco Linksys Routers - Unauthenticated Access
CVSS 9.8
CVE-2013-4982 CRITICAL
AVTECH AVN801 DVR Firmware - Authentication Bypass via Captcha
CVSS 9.8
CVE-2013-4976 CRITICAL
Hikvision DS-2CD7153-E - Auth Bypass
CVSS 9.8
CVE-2013-4621 CRITICAL
Magnolia CMS <4.5.9 - Privilege Escalation
CVSS 9.8
CVE-2013-3088 CRITICAL
Belkin N900 F9K1104v1 - Auth Bypass
CVSS 9.8
CVE-2013-3085 CRITICAL
Belkin F5D8236-4 v2 - Authentication Bypass in Web Management Interface
CVSS 9.8
CVE-2013-4593 HIGH
omniauth-facebook < 1.5.0 - Improper Authentication
CVSS 7.5
CVE-2013-2159 CRITICAL
Monkey HTTP Daemon - Improper Authentication
CVSS 9.8
CVE-2013-3072 CRITICAL
NETGEAR Centria WNDR4700 Firmware 1.0.0.34 - Auth Bypass
CVSS 9.8
CVE-2013-3367 CRITICAL
TRENDnet TEW-691GR and TEW-692GR - Unauthenticated Backdoor Access via Undocumented TELNET Service
CVSS 9.8
CVE-2013-5123 MEDIUM
pip < 1.5 - Man-in-the-Middle Attack via Insecure Mirror DNS Querying
CVSS 5.9
CVE-2013-1391 HIGH
Hunt CCTV DVR Firmware - Unauthenticated Configuration Disclosure
CVSS 7.5
CVE-2013-7465 CRITICAL
Ice Cold Apps Servers Ultimate 6.0.2(12) - RCE
CVSS 9.8
CVE-2013-4793
Umbraco CMS < 6.0.3 - Unauthenticated Remote Code Execution via TemplateService SOAP Request
CVE-2013-4594
Payment for Webform <7.x-1.5 - Info Disclosure
CVE-2013-3092
Belkin N300 F7D7301v1 - Auth Bypass
CVE-2013-6117
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Unauthenticated Authentication Bypass via TCP Port 37777
CVE-2013-0191
libpam-pgsql 0.7 - Authentication Bypass via NULL Password Query Result
CVE-2013-6470
Red Hat OpenStack Platform 4.0 - Unauthenticated Qpid Access via Default Configuration
CVE-2013-6788
Bitrix e-Store Module < 14.0.0 - Authentication Bypass via Sequential Cookie Value
Details
Vulnerabilities 4,374
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits