Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

576 vulnerabilities with CWE-290

CVE-2023-0816 MEDIUM

Formidable Forms WordPress Plugin < 6.1 - IP Address Spoofing via Untrusted Headers

CVE-2023-24892 HIGH

Microsoft Edge Chromium < 111.0.1661.41 - Authentication Bypass by Spoofing via Webview2

CVE-2023-23398 HIGH

Microsoft Excel - Authentication Bypass by Spoofing

CVE-2023-21794 MEDIUM

Microsoft Edge Chromium < 110.0.1587.41 - Authentication Bypass by Spoofing

CVE-2023-22474 HIGH

parse-server < 5.4.1 - Authentication Bypass via X-Forwarded-For Header Spoofing

CVE-2023-20025 CRITICAL

Cisco Small Business RV016-082 - Auth Bypass

CVE-2022-3180 CRITICAL

wpgateway <= 3.5 - Unauthenticated Privilege Escalation via Administrator Account Creation

CVE-2022-22364 MEDIUM

IBM Cognos Controller <11.0.0 - SSRF

CVE-2022-48513 CRITICAL

Huawei EMUI and HarmonyOS - Authentication Bypass in Gallery Module

CVE-2022-48469 MEDIUM

Huawei B535-232a Firmware - Traffic Hijacking via Authentication Bypass

CVE-2022-36331 CRITICAL

Western Digital My Cloud <5.25.132, <8.13.1-102 - Info Disclosure

CVE-2022-47522 HIGH

IEEE 802.11 through 802.11ax - Authentication Bypass by MAC Address Spoofing

CVE-2022-48349 CRITICAL

Huawei EMUI and HarmonyOS - Authentication Bypass by Spoofing

CVE-2022-4550 HIGH

User Activity WP <1.0.1 - Info Disclosure

CVE-2022-47648 HIGH

Bosch B420 Firmware - Unauthenticated Control Panel Access via IP-Based Authorization Bypass

CVE-2022-40269 MEDIUM

Mitsubishi Electric GOT2000 Series and GT SoftGOT2000 - Authentication Bypass by Spoofing via HTML Attribute Abuse

CVE-2022-32747 HIGH

EcoStruxure Cybersecurity Admin Expert < 2.4 - Authentication Bypass by Spoofing

CVE-2022-3820 MEDIUM

GitLab <15.4.4-15.5.2 - Auth Bypass

CVE-2022-4746 HIGH

FluentAuth < 1.0.2 - Authentication Bypass via HTTP Header Spoofing

CVE-2022-4303 HIGH

WP Limit Login Attempts <2.6.4 - Auth Bypass

CVE-2022-31738 MEDIUM

Firefox < 101 and Firefox ESR < 91.10 - Authentication Bypass by Spoofing via Fullscreen Mode Exit

CVE-2022-44713 HIGH

Microsoft Office - Authentication Bypass by Spoofing

CVE-2022-44636 MEDIUM

Samsung TV 2021-2022 Models - Authentication Bypass via Bluetooth Spoofing

CVE-2022-4098 HIGH

Wiesemann&Theis ComServer - Auth Bypass

CVE-2022-41798 MEDIUM

Kyocera Document Solutions - Info Disclosure

Previous Page 16 of 24 Next

Details

Vulnerabilities 576

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy