VYPR

CWE-295

Improper Certificate Validation

BaseDraft

Description

The product does not validate, or incorrectly validates, a certificate.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-459 · CAPEC-475

CVEs mapped to this weakness (720)

page 3 of 36
  • CVE-2018-0277HigMay 17, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to…

  • CVE-2018-6221HigMar 15, 2018
    risk 0.56cvss 8.1epss 0.06

    An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own.

  • CVE-2026-45175HigJun 11, 2026
    risk 0.55cvss epss 0.00

    Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could…

  • CVE-2025-44018HigNov 24, 2025
    risk 0.54cvss 8.3epss 0.00

    A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially crafted .tar file can lead to a firmware downgrade. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.

  • CVE-2025-34066HigJul 1, 2025
    risk 0.54cvss epss 0.00

    An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle (MITM) attacks.

  • CVE-2026-53475CriJun 10, 2026
    risk 0.53cvss 9.3epss 0.00

    A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security (TLS) connections when communicating with vCenter. This vulnerability allows a Man-in-the-Middle (MITM) attacker to intercept and harvest vCenter administrator credentials.…

  • CVE-2026-32992HigMay 13, 2026
    risk 0.53cvss 8.2epss 0.00

    SSL verification is disabled in the DNS Cluster system. This could allow for a malicious server to man-in-the-middle the request and capture credentials.

  • CVE-2025-9293HigFeb 13, 2026
    risk 0.53cvss 8.1epss 0.00

    A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position…

  • CVE-2026-22696CriJan 26, 2026
    risk 0.53cvss epss 0.00

    dcap-qvl implements the quote verification logic for DCAP (Data Center Attestation Primitives). A vulnerability present in versions prior to 0.3.9 involves a critical gap in the cryptographic verification process within the dcap-qvl. The library fetches QE Identity collateral…

  • CVE-2025-40801HigDec 9, 2025
    risk 0.53cvss 8.1epss 0.00

    A vulnerability has been identified in COMOS V10.6 (All versions < V10.6.1), COMOS V10.6 (All versions < V10.6.1), JT Bi-Directional Translator for STEP (All versions), NX V2412 (All versions < V2412.8900 with Cloud Entitlement (bundled as NX X)), NX V2506 (All versions <…

  • CVE-2025-61778CriOct 6, 2025
    risk 0.53cvss epss 0.00

    Akka.NET is a .NET port of the Akka project from the Scala / Java community. In all versions of Akka.Remote from v1.2.0 to v1.5.51, TLS could be enabled via our `akka.remote.dot-netty.tcp` transport and this would correctly enforce private key validation on the server-side of…

  • CVE-2025-28169HigApr 23, 2025
    risk 0.53cvss 8.1epss 0.00

    BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to cend broadcasts to the manufacturer's cloud server unencrypted, allowing attackers to execute a man-in-the-middle attack.

  • CVE-2024-47258HigFeb 6, 2025
    risk 0.53cvss 8.1epss 0.00

    2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices. 2N has currently released an updated version 3.3 of 2N Access Commander, with added Certificate Fingerprint…

  • CVE-2024-6001HigDec 16, 2024
    risk 0.53cvss 8.1epss 0.00

    An improper certificate validation vulnerability was reported in LADM that could allow a network attacker with the ability to redirect an update request to a remote server and execute code with elevated privileges.

  • CVE-2018-17215HigSep 26, 2018
    risk 0.53cvss 8.1epss 0.01

    An information-disclosure issue was discovered in Postman through 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated HTTPS request data is sent anyway. Only the response is not displayed. Thus,…

  • CVE-2018-15476HigAug 30, 2018
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The SSL/TLS server certificate in the device to…

  • CVE-2017-2649HigJul 27, 2018
    risk 0.53cvss 8.1epss 0.01

    It was found that the Active Directory Plugin for Jenkins up to and including version 2.2 did not verify certificates of the Active Directory server, thereby enabling Man-in-the-Middle attacks.

  • CVE-2018-1000500HigJun 26, 2018
    risk 0.53cvss 8.1epss 0.02

    Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-…

  • CVE-2018-10066HigApr 13, 2018
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the attacker to gain access to the client's…

  • CVE-2016-9952HigMar 12, 2018
    risk 0.53cvss 8.1epss 0.01

    The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as…