Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-294

CWE-294

High likelihood

Authentication Bypass by Capture-replay

Parent: CWE-1390 - Weak Authentication

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

210 vulnerabilities with CWE-294

CVE-2024-40715 HIGH

Veeam Backup & Replication Enterprise Manager - Auth Bypass

CVE-2024-22066 HIGH

ZTE ZXR10 ZSR V2 - Privilege Escalation

CVE-2024-46041 HIGH

IoT Haat Smart Plug IH-IN-16A-S <5.16.1 - Auth Bypass

CVE-2024-39081 MEDIUM

SMART TYRE CAR & BIKE <4.2.0 - SSRF

CVE-2024-43099 HIGH

Session Hijacking - Auth Bypass

CVE-2024-8260 MEDIUM

OPA for Windows <v0.68.0 - SMB Force-Authentication

CVE-2024-3982 HIGH

MicroSCADA X - Session Hijacking

CVE-2024-45244 MEDIUM

Hyperledger Fabric <3.0.0, <2.5.10 - Info Disclosure

CVE-2024-38890 HIGH

Horizoncloud Caterease < 24.0.1.2405 - Authentication Bypass

CVE-2024-5249 MEDIUM

Akana API Platform <2024.1.0 - Info Disclosure

CVE-2024-38438 CRITICAL

D-Link - Auth Bypass

CVE-2024-37016 MEDIUM

Mengshen Wireless Door Alarm M70 - Auth Bypass

CVE-2024-38272 MEDIUM

Quick Share <1.0.1724.0 - Auth Bypass

CVE-2024-38284 HIGH

Transmitted data - Info Disclosure

CVE-2024-34065 HIGH

Strapi <4.24.2 - Auth Bypass

CVE-2024-4009 CRITICAL

ABB, Busch-Jaeger, FTS Display <1.00 & BCU <1.3.0.33 - Replay Attack

CVE-2024-29851 HIGH

Veeam Backup Enterprise Manager - Info Disclosure

CVE-2024-29850 HIGH

Veeam Backup Enterprise Manager - Privilege Escalation

CVE-2024-29901 MEDIUM

AuthKit <0.4.2 - SSRF

CVE-2023-50786 MEDIUM

Dradis <4.16.0 - Info Disclosure

CVE-2023-47435 CRITICAL

hexo-theme-matery v2.0.0 - Auth Bypass

CVE-2023-49231 CRITICAL

Stilog Visual Planning 8 - Auth Bypass

CVE-2023-6374 MEDIUM

Mitsubishi Electric Corporation MELSEC WS Series - Auth Bypass

CVE-2023-46892 HIGH

Meross MSH30Q <4.5.23 - Replay Attack

CVE-2023-50128 MEDIUM

Hozard Alarm System <v1.0 - Replay Attack

Previous Page 3 of 9 Next

Details

Vulnerabilities 210

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy