Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-294

CWE-294

High likelihood

Authentication Bypass by Capture-replay

Parent: CWE-1390 - Weak Authentication

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

219 vulnerabilities with CWE-294

CVE-2020-27157 HIGH

Veritas APTARE < 10.5 - Unauthenticated Authentication Bypass via Capture-replay

CVE-2020-24722 MEDIUM

GAEN protocol <2020-10-05 - Info Disclosure

CVE-2020-15688 HIGH

GoAhead < 5.1.2 - Unauthenticated Authentication Bypass via Digest Nonce Reuse

CVE-2020-10045 HIGH

SICAM MMU,SGU,T <V2.05,V2.18 - Auth Bypass

CVE-2020-4042 MEDIUM

bareos < 19.2.8 - Authentication Bypass via CRAM-MD5 Challenge Replay

CVE-2020-9438 MEDIUM

Tinxy Door Lock <3.2 - Privilege Escalation

CVE-2020-12692 MEDIUM

OpenStack Keystone <15.0.1-16.0.0 - Info Disclosure

CVE-2020-5300 MEDIUM

Hydra <1.4.0+oryOS.17 - Info Disclosure

CVE-2020-5261 HIGH

Sustainsys.Saml2 >2.0.0 <2.5.0 - Privilege Escalation

CVE-2020-6972 CRITICAL

Honeywell Fire Web Server <3.50 - Auth Bypass

CVE-2020-10185 HIGH

YubiKey Validation Server <2.40 - Replay Attack

CVE-2019-11856 LOW

ALEOS <4.13.0, <4.9.5, <4.4.9 - Replay Attack

CVE-2019-20626 MEDIUM

Honda HR-V 2017 Firmware - Authentication Bypass via RF Signal Replay

CVE-2019-13533 HIGH

Omron PLC CJ and CS Series - Authentication Bypass by Capture-replay

CVE-2019-12393 HIGH

Anviz Access Control Devices - Info Disclosure

CVE-2019-18226 CRITICAL

Honeywell equIP and Performance Series - Authentication Bypass via Replay Attack

CVE-2019-12887 HIGH

KeyIdentity LinOTP <2.10.5.3 - Info Disclosure

CVE-2019-11334 LOW

Tzumi Electronics Klic Lock 1.0.9 - Auth Bypass

CVE-2019-9158 MEDIUM

Gemalto DS3 Authentication Server <2.6.1-SP01 - Privilege Escalation

CVE-2019-5307 MEDIUM

Huawei 4G LTE <P30 ELE-AL00 9.1.0.162/C01E160R2P1 - Message Replay

CVE-2019-3915 HIGH

Verizon Fios Quantum Gateway G1100 Firmware 02.01.00.05 - Unauthenticated Authentication Bypass via Capture-replay

CVE-2019-9659 CRITICAL

Chuango 433 MHz burglar-alarm - Info Disclosure

CVE-2018-9477 HIGH

Android - Missing Authorization in Development Options

CVE-2018-19025 CRITICAL

JUUKO K-808 Firmware - Authentication Bypass by Capture-replay

CVE-2018-17932 CRITICAL

JUUKO K-800 Firmware - Authentication Bypass via Replay Attack

Previous Page 8 of 9 Next

Details

Vulnerabilities 219

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy