Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-294

CWE-294

High likelihood

Authentication Bypass by Capture-replay

Parent: CWE-1390 - Weak Authentication

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

210 vulnerabilities with CWE-294

CVE-2025-49752 CRITICAL

Azure Bastion - Privilege Escalation

CVE-2025-64131 HIGH

Jenkins SAML Plugin <4.583 - Auth Bypass

CVE-2025-35061 MEDIUM

Newforma Info Exchange - SSRF

CVE-2025-35058 MEDIUM

Newforma NIX - SSRF

CVE-2025-35057 MEDIUM

Newforma Info Exchange - SSRF

CVE-2025-54810 HIGH

Cognex In-Sight Explorer & Camera Firmware - Info Disclosure

CVE-2025-56448 MEDIUM

Positron PX360BT SW REV 8 - Replay Attack

CVE-2025-9100 MEDIUM

zhenfeng13 My-Blog 1.0.0 - Auth Bypass

CVE-2025-8616 MEDIUM

OpenText Advanced Authentication <6.5.0 - Auth Bypass

CVE-2025-36593 HIGH

Dell Openmanage Network Integration < 3.8 - Authentication Bypass

CVE-2025-6533 MEDIUM

xxyopen/201206030 novel-plus <5.1.3 - Auth Bypass

CVE-2025-6030 CRITICAL

Cyclone Matrix TRF Smart - Replay Attack

CVE-2025-6029 CRITICAL

KIA-branded Aftermarket Generic Smart - Replay Attack

CVE-2025-48012 MEDIUM

One Time Password < 8.x-1.3 - Authentication Bypass

CVE-2025-30072 HIGH

Tiiwee X1 Alarm System TWX1HAKV2 - Auth Bypass

CVE-2025-47706 MEDIUM

Miniorange 2fa < 5.2.0 - Authentication Bypass

CVE-2025-46815 HIGH

ZITADEL <3.0.0-2.70.10 - DoS

CVE-2025-1887 HIGH

Sage 200 Spain <2025.35.000 - Privilege Escalation

CVE-2025-26201 CRITICAL

GreaterWMS <= 2.1.49 - Info Disclosure

CVE-2024-38823 LOW

Salt's Request Server - Replay Attack

CVE-2024-12137 HIGH

Elfatek Elektronics ANKA JPD-00028 - Auth Bypass

CVE-2024-12839 HIGH

CGFIDO - Auth Bypass

CVE-2024-52534 MEDIUM

Dell Elastic Cloud Storage < 3.8.1.3 - Authentication Bypass

CVE-2024-49595 HIGH

Dell Wyse Management Suite <4.4 - Auth Bypass

CVE-2024-36250 LOW

Mattermost <9.11.3-9.5.11 - Info Disclosure

Previous Page 2 of 9 Next

Details

Vulnerabilities 210

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy