CVE-2024-38438
9.8CRITICAL
D-Link - CWE-294: Authentication Bypass by Capture-replay
D-Link - CWE-294: Authentication Bypass by Capture-replay
7/21/2024CWE-294
Tipo de Debilidad
CWE-294
Todas las vulnerabilidades CVE clasificadas bajo este tipo de debilidad.
Ver en MITRE CWETotal CVEs
50
Críticos
9
En KEV
0
Con Exploits
0
CVE-2023-39373
7.4HIGH
A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.
A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.
9/3/2023CWE-294
CVE-2024-5249
5.4MEDIUM
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
7/30/2024CWE-294, CWE-294
CVE-2021-38827
7.5HIGH
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover.
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover.
11/14/2022CWE-294, CWE-294
CVE-2021-41030
5.4MEDIUM
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user...
12/8/2021CWE-294
CVE-2018-17903
9.1CRITICAL
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery.
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery.
10/24/2018CWE-294, CWE-294
CVE-2022-48507
7.5HIGH
Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality.
Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality.
7/6/2023CWE-294, CWE-294
CVE-2024-39081
4.2MEDIUM
An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications.
An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications.
9/18/2024CWE-294, CWE-294
CVE-2023-31759
7.5HIGH
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack.
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack.
5/24/2023CWE-294, CWE-294
CVE-2020-6972
9.1CRITICAL
In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.
In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.
3/24/2020CWE-294, CWE-294
CVE-2023-31763
7.5HIGH
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access to the system via a code replay attack.
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access to the system via a code replay attack.
5/24/2023CWE-294, CWE-294
CVE-2023-31762
7.5HIGH
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a code replay attack.
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a code replay attack.
5/24/2023CWE-294, CWE-294
CVE-2023-31761
7.5HIGH
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows attackers to gain full access to the system via a code replay attack.
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows attackers to gain full access to the system via a code replay attack.
5/24/2023CWE-294, CWE-294
CVE-2025-49752
10.0CRITICAL
Azure Bastion Elevation of Privilege Vulnerability
Azure Bastion Elevation of Privilege Vulnerability
11/20/2025CWE-294
CVE-2024-29901
4.8MEDIUM
The AuthKit library for Next.js provides helpers for authentication and session management using WorkOS & AuthKit with Next.js. A user can reuse an expired session by controlling the `x-workos-session
The AuthKit library for Next.js provides helpers for authentication and session management using WorkOS & AuthKit with Next.js. A user can reuse an expired session by controlling the `x-workos-session...
3/29/2024CWE-294, CWE-294
CVE-2023-46892
8.8HIGH
The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record and replay previously captured communication to execute unau
The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record and replay previously captured communication to execute unau...
1/23/2024CWE-294, CWE-294
CVE-2023-50128
5.3MEDIUM
The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks
The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks ...
1/11/2024CWE-294, CWE-294
CVE-2023-36857
5.4MEDIUM
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to g
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to g...
10/19/2023CWE-294, CWE-294
CVE-2022-38766
8.1HIGH
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.
1/3/2023CWE-294, CWE-294
CVE-2022-41541
8.1HIGH
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to login to t
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to login to t...
10/18/2022CWE-294, CWE-294
CVE-2022-2780
8.1HIGH
In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for an NTLM relay attack.
In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for an NTLM relay attack.
10/14/2022CWE-294, CWE-294
CVE-2022-29593
5.9MEDIUM
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.
7/14/2022CWE-294, CWE-294
CVE-2021-25480
4.4MEDIUM
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection.
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection.
10/6/2021CWE-294, CWE-294
CVE-2020-14302
4.9MEDIUM
A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the
A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the ...
12/15/2020CWE-294, CWE-294
CVE-2024-3982
8.2HIGH
An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already establishe
An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already establishe...
8/27/2024CWE-294, CWE-294
CVE-2024-4009
9.2CRITICAL
Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System
Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System
6/5/2024CWE-294, CWE-294
CVE-2019-13533
8.1HIGH
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening a
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening a...
12/16/2019CWE-294, CWE-294
CVE-2023-30909
9.8CRITICAL
A remote authentication bypass issue exists in some OneView APIs.
A remote authentication bypass issue exists in some OneView APIs.
9/14/2023CWE-294
CVE-2018-15498
8.1HIGH
YSoft SafeQ Server 6 allows a replay attack.
YSoft SafeQ Server 6 allows a replay attack.
3/21/2019CWE-294
CVE-2024-29850
8.8HIGH
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
5/22/2024CWE-294
CVE-2024-22066
7.5HIGH
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the dev
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the dev...
10/29/2024CWE-294, CWE-294
CVE-2024-8260
6.1MEDIUM
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary...
8/30/2024CWE-294, CWE-294
CVE-2022-45914
6.5MEDIUM
The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF transceiver on the ETAG-2130-V4.3 20190629 board, does not use authentication, which allows attackers to c
The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF transceiver on the ETAG-2130-V4.3 20190629 board, does not use authentication, which allows attackers to c...
11/27/2022CWE-294, CWE-294
CVE-2022-42731
7.5HIGH
mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. The device registration challenge is not invalidated af
mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. The device registration challenge is not invalidated af...
10/11/2022CWE-294, CWE-294
CVE-2021-27662
8.6HIGH
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and incl
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and incl...
9/15/2021CWE-294, CWE-294
CVE-2019-9158
5.7MEDIUM
Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control.
Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control.
6/5/2019CWE-294
CVE-2024-38272
4.3MEDIUM
There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the use
There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the use...
6/26/2024CWE-294, CWE-294
CVE-2022-40621
7.5HIGH
Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing mechanism does not rely on a server-supp
Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing mechanism does not rely on a server-supp...
9/13/2022CWE-294, CWE-294
CVE-2022-22936
8.8HIGH
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying ...
3/29/2022CWE-294, CWE-294
CVE-2020-27269
5.7MEDIUM
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measure
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measure...
1/19/2021CWE-294, CWE-294
CVE-2020-10045
8.8HIGH
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An error in the challenge-response procedure could allow an attacker
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An error in the challenge-response procedure could allow an attacker ...
7/14/2020CWE-294, CWE-294
CVE-2022-22806
9.8CRITICAL
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Fa
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Fa...
3/9/2022CWE-294, CWE-294
CVE-2023-23397
9.8CRITICAL
Microsoft Outlook Elevation of Privilege Vulnerability
Microsoft Outlook Elevation of Privilege Vulnerability
3/14/2023CWE-20, CWE-294
CVE-2024-38823
2.7LOW
Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport.
Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport.
6/13/2025CWE-294
CVE-2024-37016
6.8MEDIUM
Mengshen Wireless Door Alarm M70 2024-05-24 allows Authentication Bypass via a Capture-Replay approach.
Mengshen Wireless Door Alarm M70 2024-05-24 allows Authentication Bypass via a Capture-Replay approach.
7/15/2024CWE-294
CVE-2023-1886
7.3HIGH
Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
4/5/2023CWE-294
CVE-2023-1537
9.8CRITICAL
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
3/21/2023CWE-294
CVE-2019-12887
8.1HIGH
KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue 1 of 2).
KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue 1 of 2).
6/27/2019CWE-294
CVE-2022-31158
7.5HIGH
LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the
LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the...
7/15/2022CWE-294, CWE-294
CVE-2022-30466
6.5MEDIUM
joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture-replay.
joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture-replay.
6/7/2022CWE-294
Mostrando 50 de many CVEs