CWE-288

Authentication Bypass Using an Alternate Path or Channel

Parent: CWE-306 - Missing Authentication for Critical Function

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

522 vulnerabilities with CWE-288
CVE-2025-30112 HIGH
70mai Dash Cam 1S - Auth Bypass
CVSS 7.1
CVE-2025-2080 CRITICAL
Optigo Networks Visual BACnet Capture Tool/Optigo Visual Networks C...
CVE-2025-29996 HIGH
CAP back office - Auth Bypass
CVE-2025-1315 CRITICAL
Sfwebservice Injob < 3.5.1 - Missing Authentication
CVSS 9.8
CVE-2025-0749 HIGH
Homey theme <2.4.3 - Auth Bypass
CVSS 8.1
CVE-2025-1515 CRITICAL
WP Real Estate Manager <2.8 - Auth Bypass
CVSS 9.8
CVE-2025-27658 CRITICAL
Printerlogic Vasion Print < 20.0.1923 - Authentication Bypass
CVSS 9.8
CVE-2025-24846 HIGH
FutureNet AS - Info Disclosure
CVSS 7.5
CVE-2025-1671 CRITICAL
Academist Membership <1.1.6 - Privilege Escalation
CVSS 9.8
CVE-2025-1638 CRITICAL
Alloggio Membership <1.0.2 - Auth Bypass
CVSS 9.8
CVE-2025-1564 CRITICAL
SetSail Membership <1.0.3 - Auth Bypass
CVSS 9.8
CVE-2025-0159 CRITICAL
IBM FlashSystem - Auth Bypass
CVSS 9.1
CVE-2025-1739 HIGH
Trivision Camera NC227WF v5.8.0 - Auth Bypass
CVSS 7.1
CVE-2025-1717 HIGH
Pluginly Login ME Now < 1.7.2 - Missing Authentication
CVSS 8.1
CVE-2025-26966 CRITICAL
Aldo Latino PrivateContent <8.11.5 - Auth Bypass
CVSS 9.8
CVE-2025-26700 MEDIUM
RoboForm Password Manager <9.7.4 - Auth Bypass
CVSS 5.2
CVE-2025-1283 CRITICAL
Dingtian DT-R0 Series - Auth Bypass
CVSS 9.8
CVE-2025-24472 HIGH KEV
Fortinet Fortiproxy < 7.0.20 - Authentication Bypass
CVSS 8.1
CVE-2025-0181 CRITICAL
WP Foodbakery <4.7 - Privilege Escalation
CVSS 9.8
CVE-2025-0316 CRITICAL
WP Directorybox Manager <2.5 - Auth Bypass
CVSS 9.8
CVE-2025-1061 CRITICAL
Nextend Social Login Pro <3.1.16 - Auth Bypass
CVSS 9.8
CVE-2025-0674 CRITICAL
Elber - Auth Bypass
CVSS 9.8
CVE-2025-23217 HIGH
Pypi Mitmproxy < 11.1.2 - Remote Code Execution
CVE-2025-0364 CRITICAL
BigAntSoft BigAnt Server <5.6.06 - RCE
CVSS 9.8
CVE-2025-24456 MEDIUM
Jetbrains Hub < 2024.3.55417 - Missing Authentication
CVSS 6.7
Details
Vulnerabilities 522
Links
MITRE CWE Entry Search this CWE With Exploits