VYPR

CWE-288

Authentication Bypass Using an Alternate Path or Channel

Base · Incomplete

Description

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-127 · CAPEC-665

CVEs mapped to this weakness (336)

page 12 of 17
  • CVE-2025-43436 · High · Nov 4, 2025
    risk 0.49 · cvss 7.5 · epss 0.01

    A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to enumerate a user's installed apps.

  • CVE-2025-40761 · High · Aug 12, 2025
    risk 0.49 · cvss 7.6 · epss 0.00

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions), RUGGEDCOM ROX MX5000RE (All versions), RUGGEDCOM ROX RX1400 (All versions), RUGGEDCOM ROX RX1500 (All versions), RUGGEDCOM ROX RX1501 (All versions), RUGGEDCOM ROX RX1510 (All versions), RUGGEDCOM ROX…

  • CVE-2025-24095 · High · Mar 31, 2025
    risk 0.49 · cvss 7.6 · epss 0.01

    This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, visionOS 2.4. An app may be able to bypass Privacy preferences.

  • CVE-2025-24846 · High · Mar 3, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    Authentication bypass vulnerability exists in FutureNet AS series (Industrial Routers) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted…

  • CVE-2024-11981 · High · Nov 29, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    Certain models of routers from Billion Electric have an Authentication Bypass vulnerability, allowing unauthenticated attackers to retrieve contents of arbitrary web pages.

  • CVE-2018-5386 · High · Jul 24, 2018
    risk 0.49 · cvss 7.5 · epss 0.05

    Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak.

  • CVE-2026-22037 · High · Jan 19, 2026
    risk 0.48 · cvss 8.4 · epss 0.00

    The @fastify/express plugin adds full Express compatibility to Fastify. A security vulnerability exists in @fastify/express prior to version 4.0.3 where middleware registered with a specific path prefix can be bypassed using URL-encoded characters (e.g., `/%61dmin` instead of…

  • CVE-2025-55012 · High · Aug 11, 2025
    risk 0.48 · cvss · epss 0.00

    Zed is a multiplayer code editor. Prior to version 0.197.3, the Zed Agent Panel allowed an AI agent to achieve Remote Code Execution (RCE) by bypassing user permission checks. An AI Agent could have exploited a permissions bypass vulnerability to create or modify a…

  • CVE-2025-47244 · High · May 3, 2025
    risk 0.48 · cvss 7.3 · epss 0.00

    Inedo ProGet through 2024.22 allows remote attackers to reach restricted functionality through the C# reflection layer, as demonstrated by causing a denial of service (when an attacker executes a loop calling RestartWeb) or obtaining potentially sensitive information.…

  • CVE-2026-42745 · High · May 27, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Authentication Bypass. This issue affects Smart Online Order for Clover: from n/a through <= 1.6.0.

  • CVE-2026-24206 · High · May 20, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, denial of service, or information disclosure.

  • CVE-2026-8321 · High · May 11, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. Performing a manipulation results in authentication bypass using alternate…

  • CVE-2025-66238 · High · Dec 4, 2025
    risk 0.47 · cvss 7.2 · epss 0.00

    DCIM dcTrack allows an attacker to misuse certain remote access features. An authenticated user with access to the appliance's virtual console could exploit these features to redirect network traffic, potentially accessing restricted services or data on the host machine.

  • CVE-2025-31512 · High · Jul 22, 2025
    risk 0.47 · cvss 7.3 · epss 0.00

    An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval via isAddedByApprover in a Request%20Building%20Access requestSubmit API call. The vendor has stated that the system is protected by updating to a version equal to or greater than…

  • CVE-2025-4687 · High · May 29, 2025
    risk 0.47 · cvss · epss 0.00

    In Teltonika Networks Remote Management System (RMS), it is possible to perform account pre-hijacking by misusing the invite functionality. If a victim has a pending invite and registers to the platform directly, they are added to the attacker's company without their knowledge.…

  • CVE-2025-39535 · High · Apr 17, 2025
    risk 0.47 · cvss 7.2 · epss 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse. This issue affects Vitepos: from n/a through <= 3.1.7.

  • CVE-2024-7027 · High · Jul 24, 2024
    risk 0.47 · cvss 7.3 · epss 0.00

    The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.9.3. This is due to insufficient verification on the user being supplied during a QR code login through the plugin. This makes it possible for…

  • CVE-2026-40785 · High · Jun 15, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    Subscriber Broken Authentication in AutomatorWP <= 5.6.7 versions.

  • CVE-2026-39450 · High · Jun 15, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    Subscriber Broken Authentication in FunnelKit Automations <= 3.7.3 versions.

  • CVE-2026-42654 · High · Jun 2, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5.