CWE-288: Authentication Bypass Using an Alternate Path or Channel
509 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-288 (page 8 of 11)
- CVE-2025-34026 | HIGH | CVSS 7.5 | EG 9.0 | ⚠ KEV | 2025-05-21
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing an attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged…
- CVE-2025-34143 | CRITICAL | CVSS 9.3 | EG 0.0 | 2025-07-22
An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a passw…
- CVE-2025-34251 | HIGH | CVSS 8.6 | EG 0.0 | 2025-10-07
Tesla Telematics Control Unit (TCU) firmware prior to v2025.14 contains an authentication bypass vulnerability. The TCU runs the Android Debug Bridge (adbd) as root and, despite a “lockdown” check that disables adb shell, still permits…
- CVE-2025-34520 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-08-27
An authentication bypass vulnerability in Arcserve Unified Data Protection (UDP) allows unauthenticated attackers to gain unauthorized access to protected functionality or user accounts. By manipulating specific request parameters or explo…
- CVE-2025-3639 | LOW | CVSS 2.0 | EG 0.0 | 2025-08-18
Liferay Portal 7.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 and 7.3 GA t…
- CVE-2025-3652 | MEDIUM | CVSS 5.3 | EG 5.3 | 2026-01-04
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contain an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Att…
- CVE-2025-3844 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-05-07
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to the handel_ajax_req() function not having proper restrictions on the change_user_meta functionality …
- CVE-2025-3932 | MEDIUM | CVSS 6.5 | EG 7.5 | 2025-05-14
It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thun…
- CVE-2025-39535 | HIGH | CVSS 7.2 | EG 7.2 | 2025-04-17
Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse. This issue affects Vitepos: from n/a through <= 3.1.7.
- CVE-2025-40581 | HIGH | CVSS 7.1 | EG 7.1 | 2025-05-13
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices are vulnerable to an authentication bypass. This could allow a non-privileged l…
- CVE-2025-40743 | HIGH | CVSS 8.3 | EG 8.3 | 2025-08-12
A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All versions < V4.95 SP5), SINUMERIK MC (All versions < V1.25 SP1), SINUMERIK MC V1…
- CVE-2025-40761 | HIGH | CVSS 7.6 | EG 7.6 | 2025-08-12
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions), RUGGEDCOM ROX MX5000RE (All versions), RUGGEDCOM ROX RX1400 (All versions), RUGGEDCOM ROX RX1500 (All versions), RUGGEDCOM ROX RX1501 (All versions), RUGGEDCOM ROX…
- CVE-2025-41273 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-05-29
Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to byp…
- CVE-2025-43422 | MEDIUM | CVSS 4.6 | EG 4.6 | 2025-11-04
The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection.
- CVE-2025-43436 | HIGH | CVSS 7.5 | EG 7.5 | 2025-11-04
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to enumerate a user's installed apps.
- CVE-2025-4427 | MEDIUM | CVSS 5.3 | EG 9.0 | ⚠ KEV | 2025-05-13
An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.
- CVE-2025-44957 | HIGH | CVSS 8.5 | EG 8.5 | 2025-08-04
Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.
- CVE-2025-45607 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-05-05
An issue in the component /manage/ of itranswarp v2.19 allows attackers to bypass authentication via a crafted request.
- CVE-2025-46286 | MEDIUM | CVSS 4.3 | EG 4.3 | 2026-01-09
A logic issue was addressed with improved validation. This issue is fixed in iOS 26.2 and iPadOS 26.2. Restoring from a backup may prevent a passcode from being required immediately after Face ID enrollment.
- CVE-2025-46412 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-05-21
Affected Vertiv products do not properly protect webserver functions that could allow an attacker to bypass authentication.
- CVE-2025-4687 | HIGH | CVSS 7.2 | EG 0.0 | 2025-05-29
In Teltonika Networks Remote Management System (RMS), it is possible to perform account pre-hijacking by misusing the invite functionality. If a victim has a pending invite and registers to the platform directly, they are added to the atta…
- CVE-2025-47244 | HIGH | CVSS 7.3 | EG 7.3 | 2025-05-03
Inedo ProGet through 2024.22 allows remote attackers to reach restricted functionality through the C# reflection layer, as demonstrated by causing a denial of service (when an attacker executes a loop calling RestartWeb) or obtaining poten…
- CVE-2025-47461 | HIGH | CVSS 8.8 | EG 8.8 | 2025-05-23
Authentication Bypass Using an Alternate Path or Channel vulnerability in mediaticus Subaccounts for WooCommerce subaccounts-for-woocommerce allows Authentication Abuse. This issue affects Subaccounts for WooCommerce: from n/a through <= 1.…
- CVE-2025-47707 | HIGH | CVSS 7.5 | EG 7.5 | 2025-05-14
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass. This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.…
- CVE-2025-47710 | HIGH | CVSS 7.4 | EG 7.4 | 2025-05-14
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass. This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.…
- CVE-2025-47941 | HIGH | CVSS 7.2 | EG 7.2 | 2025-05-20
TYPO3 is an open source, PHP based web content management system. In versions on the 12.x branch prior to 12.4.31 LTS and the 13.x branch prior to 13.4.2 LTS, the multifactor authentication (MFA) dialog presented during backend login can b…
- CVE-2025-4797 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-06-03
The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.7.0. This is due to the plugin not properly validating a user's identity pr…
- CVE-2025-48010 | MEDIUM | CVSS 4.8 | EG 4.8 | 2025-05-21
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal One Time Password allows Functionality Bypass. This issue affects One Time Password: from 0.0.0 before 1.3.0.
- CVE-2025-48011 | MEDIUM | CVSS 4.8 | EG 4.8 | 2025-05-21
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal One Time Password allows Functionality Bypass. This issue affects One Time Password: from 0.0.0 before 1.3.0.
- CVE-2025-48904 | MEDIUM | CVSS 4.4 | EG 4.4 | 2025-06-06
Vulnerability in which cards can call unauthorized APIs in the FRS process. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-48926 | MEDIUM | CVSS 4.3 | EG 4.3 | 2025-05-28
The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers.
- CVE-2025-49125 | HIGH | CVSS 7.5 | EG 7.5 | 2025-06-16
Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an une…
- CVE-2025-4973 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-06-12
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to authentication bypass in all versions up to, and including, 3.3.1. This is due to the plugin not properly verifying a user's …
- CVE-2025-49901 | CRITICAL | CVSS 9.8 | EG 6.5 | 2025-10-22
Authentication Bypass Using an Alternate Path or Channel vulnerability in quantumcloud Simple Link Directory qc-simple-link-directory allows Authentication Abuse. This issue affects Simple Link Directory: from n/a through < 14.8.1.
- CVE-2025-5060 | HIGH | CVSS 8.1 | EG 8.1 | 2025-08-23
The Bravis User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.1. This is due to the plugin not properly logging a user in with the data that was previously verified through the facebo…
- CVE-2025-50904 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-08-20
There is an authentication bypass vulnerability in WinterChenS my-site through commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to access the /admin/ API without any token.
- CVE-2025-51381 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-06-18
An authentication bypass vulnerability exists in KCM3100 Ver1.4.2 and earlier. If this vulnerability is exploited, an attacker may bypass the authentication of the product from within the LAN to which the product is connected.
- CVE-2025-51452 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-08-13
In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.
- CVE-2025-5190 | HIGH | CVSS 8.8 | EG 8.8 | 2025-05-30
The Browse As plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2. This is due to incorrect authentication checking in the 'IS_BA_Browse_As::notice' function with the 'is_ba_original_user_COOKI…
- CVE-2025-52338 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-08-19
An issue in the default configuration of the password reset function in LogicData eCommerce Framework v5.0.9.7000 allows attackers to bypass authentication and compromise user accounts via a brute-force attack.
- CVE-2025-53099 | HIGH | CVSS 7.5 | EG 7.5 | 2025-07-01
Sentry is a developer-first error tracking and performance monitoring tool. Prior to version 25.5.0, an attacker with a malicious OAuth application registered with Sentry can take advantage of a race condition and improper handling of auth…
- CVE-2025-53187 | CRITICAL | CVSS 9.8 | EG 7.0 | 2025-08-11
Due to an issue in configuration, code that was intended for debugging purposes was included in the market release of the ASPECT FW allowing an attacker to bypass authentication. This vulnerability may allow an attacker to change the syste…
- CVE-2025-5397 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-10-31
The Noo JobMonster theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 4.8.1. This is due to the check_login() function not properly verifying a user's identity prior to successfully authenticat…
- CVE-2025-54713 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-08-20
Authentication Bypass Using an Alternate Path or Channel vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce ecab-taxi-booking-manager allows Authentication Abuse. This issue affects Taxi Booking Manager for WooCommerce: fr…
- CVE-2025-54725 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-08-28
Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo golo allows Authentication Abuse. This issue affects Golo: from n/a through <= 1.7.0.
- CVE-2025-54738 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-08-28
Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobmonster noo-jobmonster allows Authentication Abuse. This issue affects Jobmonster: from n/a through <= 4.7.9.
- CVE-2025-55012 | HIGH | CVSS 8.5 | EG 0.0 | 2025-08-11
Zed is a multiplayer code editor. Prior to version 0.197.3, the Zed Agent Panel allowed an AI agent to achieve Remote Code Execution (RCE) by bypassing user permission checks. An AI Agent could have exploited a permissions bypass vu…
- CVE-2025-55338 | MEDIUM | CVSS 6.1 | EG 6.1 | 2025-10-14
Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
- CVE-2025-55623 | MEDIUM | CVSS 5.4 | EG 5.4 | 2025-08-22
An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass authentication using ADB (Android Debug Bridge).
- CVE-2025-57819 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | 2025-08-28
FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary …