VYPR

CWE-288

Authentication Bypass Using an Alternate Path or Channel

Base · Incomplete

Description

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-127 · CAPEC-665

CVEs mapped to this weakness (336)

page 10 of 17
  • CVE-2026-33950 · Critical · Apr 2, 2026
    risk 0.54 · cvss 9.4 · epss 0.00

    Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.24.0-beta.4, there is a privilege escalation vulnerability by Admin Role Injection via /enableSecurity. An unauthenticated attacker can gain full Administrator access to the SignalK…

  • CVE-2025-40743 · High · Aug 12, 2025
    risk 0.54 · cvss 8.3 · epss 0.00

    A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All versions < V4.95 SP5), SINUMERIK MC (All versions < V1.25 SP1), SINUMERIK MC V1.15 (All versions < V1.15 SP5),…

  • CVE-2025-7742 · High · Jul 25, 2025
    risk 0.54 · cvss · epss 0.01

    An authentication vulnerability exists in the LG Innotek camera model LNV5110R firmware that allows a malicious actor to upload an HTTP POST request to the device's non-volatile storage. This action may result in remote code execution that allows an attacker to run arbitrary…

  • CVE-2026-48970 · High · Jun 15, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Unauthenticated Broken Authentication in Really Simple SSL versions <= 9.5.10.

  • CVE-2026-42411 · High · Jun 15, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Unauthenticated Broken Authentication in CloudSecure WP Security versions <= 1.4.7.

  • CVE-2026-42735 · High · May 27, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation. This issue affects KiviCare: from n/a through <= 4.3.0.

  • CVE-2026-42300 · Critical · May 12, 2026
    risk 0.53 · cvss · epss 0.00

    DevGuard provides vulnerability management for the full software supply chain. Prior to 1.2.2, the SessionMiddleware accepts a client-supplied X-Admin-Token HTTP request header and uses its raw string value as the authenticated userID when no Kratos session cookie is present. An…

  • CVE-2026-3324 · High · Apr 16, 2026
    risk 0.53 · cvss 8.2 · epss 0.01

    Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.

  • CVE-2026-25406 · High · Mar 25, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeum Tutor LMS Pro tutor-pro allows Authentication Abuse. This issue affects Tutor LMS Pro: from n/a through <= 3.9.4.

  • CVE-2026-25357 · High · Mar 25, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse. This issue affects Ultimate Membership Pro: from n/a through <= 13.7.

  • CVE-2026-22733 · High · Mar 20, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0…

  • CVE-2026-22731 · High · Mar 19, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under a specific path, already configured for a Health Group additional path. This issue affects Spring…

  • CVE-2026-25471 · High · Mar 19, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Themepaste Admin Safety Guard admin-safety-guard allows Password Recovery Exploitation. This issue affects Admin Safety Guard: from n/a through <= 1.2.6.

  • CVE-2026-1779 · High · Feb 26, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2. This is due to incorrect authentication in the 'register_member' function. This makes it possible for unauthenticated attackers to log in a…

  • CVE-2025-67070 · High · Jan 9, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB00C.0.T, which allows an unauthenticated attacker to bypass the multi-factor authentication (MFA) mechanism during the password recovery process. This results in the ability to change the admin password and…

  • CVE-2025-13018 · High · Nov 11, 2025
    risk 0.53 · cvss 8.1 · epss 0.00

    Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.

  • CVE-2025-7038 · High · Sep 30, 2025
    risk 0.53 · cvss 8.2 · epss 0.00

    The LatePoint plugin for WordPress is vulnerable to Authentication Bypass due to insufficient identity verification within the steps__load_step route of the latepoint_route_call AJAX endpoint in all versions up to, and including, 5.1.94. The endpoint reads the client-supplied…

  • CVE-2025-5955 · High · Sep 19, 2025
    risk 0.53 · cvss 8.1 · epss 0.00

    The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to…

  • CVE-2025-5060 · High · Aug 23, 2025
    risk 0.53 · cvss 8.1 · epss 0.00

    The Bravis User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.1. This is due to the plugin not properly logging a user in with the data that was previously verified through the facebook_ajax_login_callback(). This makes it…

  • CVE-2024-26009 · High · Aug 12, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS 6.4.0 through 6.4.15, FortiOS 6.2.0 through 6.2.16, FortiOS 6.0 all versions, FortiPAM 1.2.0, FortiPAM 1.1.0 through 1.1.2, FortiPAM 1.0.0 through 1.0.3, FortiProxy 7.4.0…