
CWE-288 (Authentication Bypass Using an Alternate Path or Channel) — Vulnerability Class 439

439 vulnerabilities classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel). AI analysis in Chinese included.

CWE-288 represents a critical authentication weakness where a system enforces security controls on primary interfaces while neglecting them on alternate paths or channels. Attackers typically exploit this by identifying overlooked entry points, such as administrative APIs, debug endpoints, or legacy protocols, which lack proper credential verification. By bypassing the main authentication gate, adversaries gain unauthorized access to sensitive data or functionality without needing valid credentials. To mitigate this risk, developers must adopt a comprehensive security architecture that treats all access channels equally. This involves implementing centralized authentication mechanisms across every interface, conducting rigorous code reviews to identify hidden endpoints, and performing thorough penetration testing that specifically targets non-standard access routes. Ensuring consistent security policies prevents attackers from exploiting these structural gaps to compromise system integrity.

MITRE CWE Description
The product requires authentication, but the product has an alternate path or channel that does not require authentication.
Common Consequences (1)
Access Control: Bypass Protection Mechanism
Mitigations (1)
Architecture and Design: Funnel all access through a single choke point to simplify how users can access a resource. For every access, perform a check to determine if the user has permissions to access the resource.
Examples (1)
Register SECURE_ME is located at address 0xF00. A mirror of this register called COPY_OF_SECURE_ME is at location 0x800F00. The register SECURE_ME is protected from malicious agents and only allows access to select agents, while COPY_OF_SECURE_ME is not. Access control is implemented using an allowlist (as indicated by a…
module foo_bar(data_out, data_in, incoming_id, address, clk, rst_n);
  output [31:0] data_out;
  input  [31:0] data_in, incoming_id, address;
  input         clk, rst_n;
  wire write_auth, addr_auth;
  reg  [31:0] data_out, acl_oh_allowlist, q;

  // write_auth is 1 when the one-hot incoming_id matches any bit of the allowlist
  assign write_auth = | (incoming_id & acl_oh_allowlist) ? 1 : 0;
  always @*
    acl_oh_allowlist <= 32'h8312;

  // Only the primary address 0xF00 is recognised here; the mirror at 0x800F00
  // is reachable without passing this gate (the CWE-288 weakness)
  assign addr_auth = (address == 32'hF00) ? 1: 0;

  always @ (posedge clk or negedge rst_n)
    if (!rst_n) begin
      q        <= 32'h0;
      data_out <= 32'h0;
    end else begin
      q        <= (addr_auth & write_auth) ? data_in : q;
      data_out <= q;
    end
endmodule
Informative · Verilog

assign addr_auth = (address == 32'hF00) ? 1: 0;
Bad · Verilog
CVE ID | Title | CVSS | Severity | Published
--- | --- | --- | --- | ---
CVE-2023-43045 | IBM Sterling Partner Engagement Manager security bypass — Sterling Partner Engagement Manager | 5.9 | Medium | 2023-10-23
CVE-2021-4353 | WooCommerce Dynamic Pricing and Discounts <= 2.4.1 - Unauthenticated Settings Import/Export — WooCommerce Dynamic Pricing and Discounts | 5.3 | Medium | 2023-10-20
CVE-2023-4957 | Authentication Bypass on Zebra ZTC — ZTC ZT410 | 5.4 | Medium | 2023-10-11
CVE-2023-1260 | Kube-apiserver: privesc | 8.0 | High | 2023-09-24
CVE-2023-42793 | JetBrains TeamCity security vulnerability — TeamCity | 9.8 | Critical | 2023-09-19
CVE-2023-4702 | Authentication Bypass in Digital Yepas — Digital Yepas | 9.8 | Critical | 2023-09-14
CVE-2023-41256 | Dover Fueling Solutions MAGLINK LX Console Authentication Bypass — MAGLINK LX Web Console Configuration | 9.1 | Critical | 2023-09-11
CVE-2023-20269 | Cisco ASA and FTD security vulnerability — Cisco Adaptive Security Appliance (ASA) Software | 5.0 | Medium | 2023-09-06
CVE-2023-3162 | Stripe Payment Plugin for WooCommerce <= 3.7.7 - Authentication Bypass — Payment Gateway of Stripe for WooCommerce | 9.8 | Critical | 2023-08-31
CVE-2023-3249 | Web3 – Crypto wallet Login & NFT token gating <= 2.6.0 - Authentication Bypass — Web3 – Crypto wallet Login & NFT token gating | 9.8 | Critical | 2023-06-30
CVE-2023-2834 | BookIt <= 2.3.7 - Authentication Bypass — Bookit — Booking & Appointment Calendar | 9.8 | Critical | 2023-06-30
CVE-2023-2982 | WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.4 - Authentication Bypass — miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) | 9.8 | Critical | 2023-06-29
CVE-2023-34335 | BMC AMI access control error vulnerability — MegaRAC_SPx | 7.7 | High | 2023-06-12
CVE-2023-2986 | Abandoned Cart Lite for WooCommerce <= 5.15.1 - Authentication Bypass — Abandoned Cart Lite for WooCommerce | 9.8 | Critical | 2023-06-08
CVE-2021-4373 | Better Search <= 2.5.2 - Cross-Site Request Forgery to Settings Import — Better Search – Relevant search results for WordPress | 8.8 | High | 2023-06-07
CVE-2020-36724 | Wordable <= 3.1.1 - Authentication Bypass — Wordable – Export Google Docs to WordPress | 9.8 | Critical | 2023-06-07
CVE-2020-36713 | MStore API <= 2.1.5 - Authentication Bypass — MStore API – Create Native Android & iOS Apps On The Cloud | 9.8 | Critical | 2023-06-07
CVE-2023-2546 | WP User Switch <= 1.0.2 - Authenticated (Subscriber+) Authentication Bypass via Cookie — WP User Switch | 8.8 | High | 2023-06-06
CVE-2023-2781 | User Email Verification for WooCommerce <= 3.5.0 - Authentication Bypass — User Email Verification for WooCommerce | 8.1 | High | 2023-06-02
CVE-2022-36249 | Shop Beat Services Vulnerable To Bypass 2FA via APIs — studio | 8.8 | - | 2023-05-30
CVE-2023-2732 | MStore API <= 3.9.2 - Authentication Bypass — MStore API – Create Native Android & iOS Apps On The Cloud | 9.8 | Critical | 2023-05-25
CVE-2023-2733 | MStore API <= 3.9.0 - Authentication Bypass — MStore API – Create Native Android & iOS Apps On The Cloud | 9.8 | Critical | 2023-05-25
CVE-2023-2734 | MStore API <= 3.9.1 - Authentication Bypass — MStore API – Create Native Android & iOS Apps On The Cloud | 9.8 | Critical | 2023-05-25
CVE-2023-2704 | BP Social Connect <= 1.5 - Authentication Bypass — BP Social Connect | 9.8 | Critical | 2023-05-19
CVE-2023-20003 | Cisco Business Wireless Access Points Social Login Guest User Authentication Bypass Vulnerability — Cisco Business Wireless Access Point Software | 4.7 | Medium | 2023-05-18
CVE-2023-2499 | RegistrationMagic <= 5.2.1.0 - Authentication Bypass — RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | 9.8 | Critical | 2023-05-16
CVE-2023-31152 | Authentication Bypass Using an Alternate Path or Channel — SEL-3505 | 4.0 | Medium | 2023-05-10
CVE-2022-40725 | PingID Desktop PIN attempt lockout bypass — PingID Desktop for Windows | 7.3 | High | 2023-04-25
CVE-2023-2027 | ZM Ajax Login & Register <= 2.0.2 - Authentication Bypass — ZM Ajax Login & Register | 9.8 | Critical | 2023-04-15
CVE-2023-20018 | Cisco IP Phone security vulnerability — Cisco Session Initiation Protocol (SIP) Software | 8.6 | High | 2023-01-19

Vulnerabilities classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel) represent 439 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.