Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-294

CWE-294

High likelihood

Authentication Bypass by Capture-replay

Parent: CWE-1390 - Weak Authentication

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

210 vulnerabilities with CWE-294

CVE-2022-30467 MEDIUM

Joyebike Wolf 2022 Firmware - Denial of Service

CVE-2022-31277 HIGH

Xiaomi Lamp 1 <v2.0.4_0066 - Open Redirect

CVE-2022-30466 MEDIUM

Joybike Wolf Firmware - Authentication Bypass

CVE-2022-31265 HIGH

Wargaming World of Warships <0.11.4 - RCE

CVE-2022-29334 CRITICAL

H v1.0 - Auth Bypass

CVE-2022-29878 HIGH

SICAM T < V3.0 - Info Disclosure

CVE-2022-25159 HIGH

Mitsubishielectric Fx5uc Firmware - Authentication Bypass

CVE-2022-22936 HIGH

SaltStack Salt <3002.8-3004.1 - Privilege Escalation

CVE-2022-27254 MEDIUM

Honda Civic 2018 - Replay Attack

CVE-2022-22806 CRITICAL

Schneider-electric Smt Series 1015 Up... - Authentication Bypass

CVE-2022-25838 HIGH

Laravel Fortify <1.11.1 - Info Disclosure

CVE-2021-27289 CRITICAL

Ksix Zigbee Smart Home Kit <1.0.3 <1.0.7 - Replay Attack via Frame Counter

CVE-2021-38827 HIGH

Xiongmai Camera XM-JPR2-LX - Account Takeover

CVE-2021-46835 MEDIUM

WS7200-10 11.0.2.13 - SSRF

CVE-2021-22640 HIGH

Ovarro TBox - Info Disclosure

CVE-2021-38296 HIGH

Apache Spark <3.1.2 - Info Disclosure

CVE-2021-39364 HIGH

Honeywell HDZP252DI <1.00.HW02.4 & HBW2PER1 <1.000.HW01.3 - Command...

CVE-2021-46145 MEDIUM

Honda Civic 2012 - Info Disclosure

CVE-2021-40170 MEDIUM

SecuritasHome HPGW-G 0.0.2.23F - RCE

CVE-2021-41030 MEDIUM

FortiClient EMS <7.0.1, <6.4.4 - Auth Bypass

CVE-2021-38459 HIGH

SYSDBA - Privilege Escalation

CVE-2021-35067 HIGH

Meross MSG100 <3.2.3 - Replay Attack

CVE-2021-25480 MEDIUM

Qualcomm Modem <SMR Oct-2021 Release 1 - DoS

CVE-2021-27662 HIGH

Johnson Controls KT-1 <3.01 - SSRF

CVE-2021-26824 HIGH

DM FingerTool v1.19 - Auth Bypass

Previous Page 6 of 9 Next

Details

Vulnerabilities 210

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy