VYPR

CWE-288

Authentication Bypass Using an Alternate Path or Channel

Base · Incomplete

Description

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-127 · CAPEC-665

CVEs mapped to this weakness (336)

page 15 of 17
  • CVE-2026-40790 · Med · Jun 15, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions.

  • CVE-2026-41308 · Med · May 8, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated creation of file-type pushes through a generic JSON API create path under certain…

  • CVE-2025-10531 · Med · Sep 16, 2025
    risk 0.35 · cvss 5.4 · epss 0.00

    Mitigation bypass in the Web Compatibility: Tooling component. This vulnerability was fixed in Firefox 143 and Thunderbird 143.

  • CVE-2024-33939 · Med · May 19, 2025
    risk 0.35 · cvss 5.3 · epss 0.01

    Authentication Bypass Using an Alternate Path or Channel vulnerability in masteriyo Masteriyo - LMS learning-management-system. This issue affects Masteriyo - LMS: from n/a through <= 1.7.3.

  • CVE-2017-6871 · Med · Aug 8, 2017
    risk 0.35 · cvss 5.4 · epss 0.00

    A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2) and SIMATIC WinCC Sm@rtClient for Android Lite (All versions before V1.0.2.2). An attacker with physical access to an unlocked mobile device, that has the affected app…

  • CVE-2026-40799 · Med · Jun 15, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    Unauthenticated Broken Authentication in Simple Cloudflare Turnstile <= 1.38.0 versions.

  • CVE-2026-8990 · Med · May 28, 2026
    risk 0.34 · cvss · epss 0.00

    A user with physical access to a smartphone can bypass the authentication mechanism of the Kidsview mobile application and grant himself full access to the device owner's account by interacting with the application's push notification. This issue was fixed in version 4.4.3.

  • CVE-2025-52338 · Med · Aug 19, 2025
    risk 0.34 · cvss 5.3 · epss 0.00

    An issue in the default configuration of the password reset function in LogicData eCommerce Framework v5.0.9.7000 allows attackers to bypass authentication and compromise user accounts via a bruteforce attack.

  • CVE-2025-26700 · Med · Feb 17, 2025
    risk 0.34 · cvss 5.2 · epss 0.00

    Authentication bypass using an alternate path or channel issue exists in "RoboForm Password Manager" App for Android versions prior to 9.7.4, which may allow an attacker with access to a device where the application is installed to bypass the lock screen and obtain sensitive…

  • CVE-2024-46887 · Med · Oct 8, 2024
    risk 0.34 · cvss 5.3 · epss 0.01

    The web server of affected devices does not properly authenticate user requests to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about…

  • CVE-2021-4353 · Med · Oct 20, 2023
    risk 0.34 · cvss 5.3 · epss 0.01

    The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthenticated settings export in versions up to, and including, 2.4.1. This is due to missing authorization on the export() function which makes it possible for unauthenticated attackers…

  • CVE-2026-42303 · Med · May 12, 2026
    risk 0.33 · cvss · epss 0.00

    Fides is an open-source privacy engineering platform. From 2.75.0 to before 2.83.2, Fides deployments that enable both subject identity verification and duplicate privacy request detection are affected by a vulnerability in which an administrator can approve a privacy request…

  • CVE-2024-37893 · Med · Jun 17, 2024
    risk 0.31 · cvss 5.9 · epss 0.01

    Firefly III is a free and open source personal finance manager. In affected versions an MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to Firefly III data using…

  • CVE-2026-1917 · Med · Mar 25, 2026
    risk 0.28 · cvss 4.3 · epss 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Login Disable allows Functionality Bypass. This issue affects Login Disable: from 0.0.0 before 2.1.3.

  • CVE-2026-47200 · Med · Jun 12, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.11.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, when experimental.componentIslands is enabled…

  • CVE-2026-35664 · Med · Apr 10, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    OpenClaw before 2026.3.25 contains an authentication bypass vulnerability in the raw card send surface that allows unpaired recipients to mint legacy callback payloads. Attackers can send raw card commands to bypass DM pairing restrictions and reach callback handling without proper…

  • CVE-2026-35661 · Med · Apr 10, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct…

  • CVE-2026-35654 · Med · Apr 10, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows unauthorized senders to record session feedback. Attackers can bypass sender allowlist checks via feedback invoke endpoints to trigger unauthorized feedback…

  • CVE-2026-35647 · Med · Apr 10, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access…

  • CVE-2026-35634 · Med · Apr 9, 2026
    risk 0.26 · cvss 5.1 · epss 0.00

    OpenClaw before 2026.3.23 contains an authentication bypass vulnerability in the Canvas gateway where authorizeCanvasRequest() unconditionally allows local-direct requests without validating bearer tokens or canvas capabilities. Attackers can send unauthenticated loopback HTTP…