CWE-288
Authentication Bypass Using an Alternate Path or Channel
The product requires authentication, but the product has an alternate path or channel that does not require authentication.
522 vulnerabilities with CWE-288
CVE-2025-34520
CRITICAL
Arcserve Udp < 7.0 - Authentication Bypass
CVSS 9.8
CVE-2025-5821
CRITICAL
Case Theme User <1.0.3 - Auth Bypass
CVSS 9.8
CVE-2025-5060
HIGH
Bravis User <1.0.0 - Auth Bypass
CVSS 8.1
CVE-2025-7642
CRITICAL
Simpler Checkout 0.7.0-1.1.9 - Auth Bypass
CVSS 9.8
CVE-2025-55623
MEDIUM
Reolink v4.54.0.4.20250526 - Auth Bypass
CVSS 5.4
CVE-2025-50904
CRITICAL
WinterChenS my-site - Auth Bypass
CVSS 9.8
CVE-2025-27129
CRITICAL
Tenda AC6 V5.0 V02.03.01.110 - Auth Bypass
CVSS 9.8
CVE-2025-24496
HIGH
Tenda Ac6 Firmware - Information Disclosure
CVSS 7.5
CVE-2025-54713
CRITICAL
Taxi Booking Manager for WooCommerce <1.3.0 - Auth Bypass
CVSS 9.8
CVE-2025-52338
MEDIUM
LogicData eCommerce Framework <5.0.9.7000 - Auth Bypass
CVSS 5.3
CVE-2025-3639
LOW
Liferay Portal/DXP - Auth Bypass
CVE-2025-8995
CRITICAL
Authenticator Login < 2.1.4 - Missing Authentication
CVSS 9.8
CVE-2025-51452
CRITICAL
TOTOLINK A7000R <9.1.0u.6115_B20201022 - Auth Bypass
CVSS 9.8
CVE-2025-40761
HIGH
RUGGEDCOM - Info Disclosure
CVSS 7.6
CVE-2025-40743
HIGH
SINUMERIK - Auth Bypass
CVSS 8.3
CVE-2025-55012
HIGH
Zed <0.197.3 - RCE
CVE-2025-53187
CRITICAL
ASPECT <3.08.04-s01 - Auth Bypass
CVSS 9.8
CVE-2025-24000
HIGH
WPExperts Post SMTP <3.2.0 - Auth Bypass
CVSS 8.8
CVE-2025-44957
HIGH
Commscope Ruckus Smartzone Firmware < 6.1.2 - Authentication Bypass
CVSS 8.5
CVE-2025-7710
CRITICAL
Brave Conversion Engine (PRO) - Auth Bypass
CVSS 9.8
CVE-2025-6895
CRITICAL
Melapress Login Security <2.1.1 - Auth Bypass
CVSS 9.8
CVE-2025-7742
HIGH
LG Innotek camera model LNV5110R - RCE
CVE-2025-31512
HIGH
AlertEnterprise Guardian <4.1.14.2.2.1 - Auth Bypass
CVSS 7.3
CVE-2025-34143
CRITICAL
ETQ Reliance CG - Auth Bypass
CVE-2025-7692
HIGH
Orion Login with SMS <1.0.5 - Auth Bypass
CVSS 8.1
Details
Vulnerabilities
522