Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-294

CWE-294

High likelihood

Authentication Bypass by Capture-replay

Parent: CWE-1390 - Weak Authentication

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

210 vulnerabilities with CWE-294

CVE-2021-31958 HIGH

Windows NTLM - Privilege Escalation

CVE-2021-27572 HIGH

Emote Remote Mouse <4.0.0.0 - Auth Bypass

CVE-2021-22267 MEDIUM

Idelji Web ViewPoint Suite - SSRF

CVE-2021-25835 HIGH

Cosmos Network Ethermint <= v0.4.0 - SSRF

CVE-2021-25834 HIGH

Cosmos Network Ethermint <= 0.4.0 - RCE

CVE-2020-35473 MEDIUM

Bluetooth Core Specification < 5.2 - Information Disclosure

CVE-2020-27374 HIGH

Dr Trust USA iCheck Connect BP Monitor <1.2.1 - Info Disclosure

CVE-2020-23178 MEDIUM

PHP-Fusion 9.03.50 - Info Disclosure

CVE-2020-28713 MEDIUM

Night Owl Smart Doorbell FW <20190505 - Info Disclosure

CVE-2020-27269 MEDIUM

SOOIL Developments Co., Ltd Diabecare RS - Replay Attack

CVE-2020-26172 MEDIUM

Tangro Business Workflow <1.18.1 - Auth Bypass

CVE-2020-35551 CRITICAL

Samsung O(8.x)-Q(10.0) Exynos - Info Disclosure

CVE-2020-14302 MEDIUM

Keycloak <13.0.0 - SSRF

CVE-2020-25660 HIGH

Cephx <15.2.6,14.2.14 - Privilege Escalation

CVE-2020-13799 MEDIUM

Western Digital - Info Disclosure

CVE-2020-12355 MEDIUM

Intel Trusted Execution Engine < 4.0.30 - Authentication Bypass

CVE-2020-27157 HIGH

Veritas APTARE <10.5 - Auth Bypass

CVE-2020-24722 MEDIUM

GAEN protocol <2020-10-05 - Info Disclosure

CVE-2020-15688 HIGH

GoAhead <5.1.2 - Auth Bypass

CVE-2020-10045 HIGH

SICAM MMU,SGU,T <V2.05,V2.18 - Auth Bypass

CVE-2020-4042 MEDIUM

Bareos <19.2.8 - Info Disclosure

CVE-2020-9438 MEDIUM

Tinxy Door Lock <3.2 - Privilege Escalation

CVE-2020-12692 MEDIUM

OpenStack Keystone <15.0.1-16.0.0 - Info Disclosure

CVE-2020-5300 MEDIUM

Hydra <1.4.0+oryOS.17 - Info Disclosure

CVE-2020-5261 HIGH

Sustainsys.Saml2 >2.0.0 <2.5.0 - Privilege Escalation

Previous Page 7 of 9 Next

Details

Vulnerabilities 210

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy