Search

Blog Stats Labs CLI MCP API Limits About Privacy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Blog Statistics Labs CLI Tool MCP Server API Documentation Rate Limits About Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-294

CWE-294

High likelihood

Authentication Bypass by Capture-replay

Parent: CWE-1390 - Weak Authentication

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

197 vulnerabilities with CWE-294

CVE-2026-28787 HIGH

OneUptime <=10.0.11 - Auth Bypass

RustDesk Client <1.4.5 - Auth Bypass

Micca KE700 - Replay Attack

CVE-2025-67135 CRITICAL

PF-50 1.2 - Code Injection

CVE-2026-1743 LOW

DJI Mavic Mini, Air, Spark and Mini SE <01.00.0500 - Auth Bypass

CVE-2025-69822 HIGH

Atomberg Erica Smart Fan Firmware - Information Disclosure

CVE-2025-68671 MEDIUM

LakeFS <1.75.0 - Replay Attack

CVE-2025-65553 MEDIUM

D3D Wi-Fi Home Security System ZX-G12 v2.1.17 - DoS

CVE-2025-65552 CRITICAL

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 - Info Disclosure

CVE-2025-69197 MEDIUM

Pterodactyl <1.11.11 - Info Disclosure

CVE-2025-40807 MEDIUM

Gridscale X Prepay <V4.2.1 - Auth Bypass

CVE-2025-30201 HIGH

Wazuh <4.13.0 - Privilege Escalation

CVE-2025-49752 CRITICAL

Azure Bastion - Privilege Escalation

CVE-2025-64131 HIGH

Jenkins SAML Plugin <4.583 - Auth Bypass

CVE-2011-20002 HIGH

SIMATIC S7-1200 CPU - Capture-Replay

CVE-2025-35061 MEDIUM

Newforma Info Exchange - SSRF

CVE-2025-35058 MEDIUM

Newforma NIX - SSRF

CVE-2025-35057 MEDIUM

Newforma Info Exchange - SSRF

CVE-2025-54810 HIGH

Cognex In-Sight Explorer & Camera Firmware - Info Disclosure

CVE-2025-56448 MEDIUM

Positron PX360BT SW REV 8 - Replay Attack

CVE-2025-9100 MEDIUM

zhenfeng13 My-Blog 1.0.0 - Auth Bypass

OpenText Advanced Authentication <6.5.0 - Auth Bypass

CVE-2023-50786 MEDIUM

Dradis <4.16.0 - Info Disclosure

CVE-2025-36593 HIGH

Dell Openmanage Network Integration < 3.8 - Authentication Bypass

CVE-2025-6533 MEDIUM

xxyopen/201206030 novel-plus <5.1.3 - Auth Bypass

Page 1 of 8 Next

Details

Vulnerabilities 197

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy