VYPR

CWE-290

Authentication Bypass by Spoofing

BaseIncomplete

Description

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-21 · CAPEC-22 · CAPEC-459 · CAPEC-461 · CAPEC-473 · CAPEC-476 · CAPEC-59 · CAPEC-60 · CAPEC-667 · CAPEC-94

CVEs mapped to this weakness (280)

page 1 of 14
  • CVE-2026-48567CriJun 4, 2026
    risk 0.65cvss 10.0epss 0.01

    Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2026-6213CriMay 8, 2026
    risk 0.65cvss epss 0.00

    A vulnerability in Remote Spark SparkView before build 1122 allows an attacker to bypasses the local connection check and achieve arbitrary code execution as root on the server side. Depending on implementation the vulnerability can be exploited by an unauthenticated…

  • CVE-2025-9265CriOct 13, 2025
    risk 0.65cvss epss 0.00

    A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving them access to state changing actions that should only be initiated by administratorsThis issue affects Kiloview NDI N30 and was fixed in…

  • CVE-2025-34063CriJul 1, 2025
    risk 0.65cvss epss 0.01

    A cryptographic authentication bypass vulnerability exists in OneLogin AD Connector prior to 6.1.5 due to the exposure of a tenant’s SSO JWT signing key via the /api/adc/v4/configuration endpoint. An attacker in possession of the signing key can craft valid JWT tokens…

  • CVE-2026-36537CriJun 15, 2026
    risk 0.64cvss 9.8epss 0.01

    ThingsBoard v4.3.0.1 is vulnerable to an authentication bypass during the OAuth authorization code exchange. The application improperly trusts user-supplied identity data within the user parameter of the /login/oauth2/code/ endpoint. By manipulating the email address in this…

  • CVE-2026-44183CriMay 12, 2026
    risk 0.64cvss 9.8epss 0.00

    Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.ResolveClientIp parses the leftmost entry of the X-Forwarded-For header as the…

  • CVE-2021-47923CriMay 10, 2026
    risk 0.64cvss 9.8epss 0.00

    OpenCart 3.0.3.8 contains a session fixation vulnerability that allows attackers to hijack user sessions by injecting arbitrary values into the OCSESSID cookie. Attackers can set malicious OCSESSID cookie values that the server accepts and maintains, enabling session takeover…

  • CVE-2018-25318CriApr 29, 2026
    risk 0.64cvss 9.8epss 0.01

    Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin…

  • CVE-2018-25317CriApr 29, 2026
    risk 0.64cvss 9.8epss 0.01

    Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns…

  • CVE-2018-25316CriApr 29, 2026
    risk 0.64cvss 9.8epss 0.01

    Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language…

  • CVE-2025-59707CriMar 25, 2026
    risk 0.64cvss 9.8epss 0.01

    In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential remote code execution and account credentials theft because of a spoofing vulnerability.

  • CVE-2025-59706CriMar 25, 2026
    risk 0.64cvss 9.8epss 0.01

    In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables remote code execution.

  • CVE-2026-2800CriFeb 24, 2026
    risk 0.64cvss 9.8epss 0.00

    Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

  • CVE-2020-37056CriJan 30, 2026
    risk 0.64cvss 9.8epss 0.01

    Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent…

  • CVE-2025-8853CriAug 11, 2025
    risk 0.64cvss 9.8epss 0.01

    Official Document Management System developed by 2100 Technology has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to obtain any user's connection token and use it to log into the system as that user.

  • CVE-2025-1298CriFeb 14, 2025
    risk 0.64cvss 9.8epss 0.00

    Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of account takeover.

  • CVE-2024-13061CriDec 31, 2024
    risk 0.64cvss 9.8epss 0.01

    The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product enforces an IP whitelist for the API used to query user tokens, unauthenticated remote attackers can still deceive the server to obtain tokens…

  • CVE-2024-46957CriSep 25, 2024
    risk 0.64cvss 9.8epss 0.01

    Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0.

  • CVE-2023-4178CriSep 5, 2023
    risk 0.64cvss 9.8epss 0.01

    Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows Authentication Bypass. This issue affects Neutron Smart VMS: before b1130.1.0.1.

  • CVE-2023-2887CriMay 25, 2023
    risk 0.64cvss 9.8epss 0.01

    Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.