Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-294

CWE-294

High likelihood

Authentication Bypass by Capture-replay

Parent: CWE-1390 - Weak Authentication

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

210 vulnerabilities with CWE-294

CVE-2022-48507 HIGH

Storage Module - Info Disclosure

CVE-2022-47930 MEDIUM

IO FinNet tss-lib <2.0.0 - Info Disclosure

CVE-2022-45789 HIGH

Schneider-electric Ecostruxure Control Expert - Authentication Bypass

CVE-2022-43704 MEDIUM

Sinilink XY-WFT1 WiFi Remote Thermostat <1.3.6 - Auth Bypass

CVE-2022-38766 HIGH

Renault ZOE 2021 - Replay Attack

CVE-2022-2226 MEDIUM

Thunderbird - Info Disclosure

CVE-2022-25837 HIGH

Bluetooth Core Specification <5.3 - Unauthenticated MITM

CVE-2022-25836 HIGH

Bluetooth Core Specification <5.3 - Auth Bypass

CVE-2022-45914 MEDIUM

ETAG-2130-V4.3 - Info Disclosure

CVE-2022-44555 HIGH

DDMP/ODMF - DoS

CVE-2022-44457 CRITICAL

Mendix SAML - Info Disclosure

CVE-2022-29475 HIGH

Goabode Iota All-in-one Security Kit Firmware - Information Disclosure

CVE-2022-41541 HIGH

TP-Link AX10v1 - Open Redirect

CVE-2022-2780 HIGH

Octopus Server - SSRF

CVE-2022-42731 HIGH

django-mfa2 <2.5.1, <2.6.1 - Info Disclosure

CVE-2022-40621 HIGH

WAVLINK Quantum D4G - Info Disclosure

CVE-2022-37011 CRITICAL

Mendix SAML <1.17.0, <2.3.0, <3.3.0 - Auth Bypass

CVE-2022-36089 HIGH

KubeVela <1.4.11, <1.5.4 - Auth Bypass

CVE-2022-37418 MEDIUM

Nissan-Kia-Hyundai <2017 - RCE

CVE-2022-37305 MEDIUM

Honda - Privilege Escalation

CVE-2022-36945 MEDIUM

CVE-2022-31158 HIGH

LTI 1.3 Tool Library <5.0 - Info Disclosure

CVE-2022-29593 MEDIUM

Dingtian DT-R002 - RCE

CVE-2022-33971 HIGH

OMRON NX7/NX1/NJ - Auth Bypass

CVE-2022-33208 HIGH

Machine automation controller - Auth Bypass

Previous Page 5 of 9 Next

Details

Vulnerabilities 210

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy