Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-294

CWE-294

High likelihood

Authentication Bypass by Capture-replay

Parent: CWE-1390 - Weak Authentication

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

219 vulnerabilities with CWE-294

CVE-2021-39364 HIGH

Honeywell HDZP252DI <1.00.HW02.4 & HBW2PER1 <1.000.HW01.3 - Command...

CVE-2021-46145 MEDIUM

Honda Civic 2012 - Authentication Bypass via Keyfob Replay Attack

CVE-2021-40170 MEDIUM

SecuritasHome HPGW-G 0.0.2.23F - RCE

CVE-2021-41030 MEDIUM

FortiClient EMS <7.0.1, <6.4.4 - Auth Bypass

CVE-2021-38459 HIGH

versiondog < 8.0.0 - Authentication Bypass via Handshake Replay

CVE-2021-35067 HIGH

Meross MSG100 <3.2.3 - Replay Attack

CVE-2021-25480 MEDIUM

Qualcomm Modem <SMR Oct-2021 Release 1 - DoS

CVE-2021-27662 HIGH

Johnson Controls KT-1 Door Controller Firmware <= 3.01 - Authentication Bypass via TCP Packet Replay

CVE-2021-26824 HIGH

DM FingerTool v1.19 - Authentication Bypass via Replay Attack

CVE-2021-31958 HIGH

Windows NTLM - Privilege Escalation

CVE-2021-27572 HIGH

Emote Remote Mouse <4.0.0.0 - Auth Bypass

CVE-2021-22267 MEDIUM

HPE Web ViewPoint - Authentication Bypass via Replay Attack

CVE-2021-25835 HIGH

Cosmos Network Ethermint <= v0.4.0 - SSRF

CVE-2021-25834 HIGH

Cosmos Network Ethermint <= 0.4.0 - RCE

CVE-2020-35473 MEDIUM

Bluetooth Core Specification 4.0-5.2 - Authentication Bypass by Capture-replay via Resolvable Private Addressing

CVE-2020-27374 HIGH

Dr Trust USA iCheck Connect BP Monitor <1.2.1 - Info Disclosure

CVE-2020-23178 MEDIUM

PHP-Fusion 9.03.50 - Info Disclosure

CVE-2020-28713 MEDIUM

Night Owl Smart Doorbell FW <20190505 - Info Disclosure

CVE-2020-27269 MEDIUM

SOOIL Developments Co., Ltd Diabecare RS - Replay Attack

CVE-2020-26172 MEDIUM

Tangro Business Workflow <1.18.1 - Auth Bypass

CVE-2020-35551 CRITICAL

Samsung O(8.x)-Q(10.0) Exynos - Info Disclosure

CVE-2020-14302 MEDIUM

Keycloak < 13.0.0 - Authentication Bypass via State Parameter Replay

CVE-2020-25660 HIGH

Cephx <15.2.6,14.2.14 - Privilege Escalation

CVE-2020-13799 MEDIUM

Western Digital iNAND CL/Firmware < 2020-06-03 - Authentication Bypass via RPMB Replay

CVE-2020-12355 MEDIUM

Intel Trusted Execution Engine < 4.0.30 - Unauthenticated Authentication Bypass via RPMB Protocol Replay

Previous Page 7 of 9 Next

Details

Vulnerabilities 219

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy