CWE-290 (Authentication Bypass by Spoofing) — Vulnerability Class 267

267 vulnerabilities classified as CWE-290 (Authentication Bypass by Spoofing). AI Chinese analysis included.

CWE-290 represents a critical authentication weakness in which a system fails to verify the origin of an identity claim, so an attacker can bypass access controls by spoofing that claim. The weakness typically arises when authentication relies on easily forged data, such as a source IP address or an HTTP header, without any further verification. An attacker supplies forged or manipulated identity data that imitates a legitimate user and thereby gains unauthorized access to sensitive resources or administrative functions. To mitigate this risk, developers must implement multi-factor authentication and ensure that identity verification relies on cryptographically secure tokens rather than easily spoofable network identifiers. Rigorous input validation and strict adherence to established authentication protocols, such as OAuth or OpenID Connect, further prevent impersonation of valid entities, so that only genuinely authenticated users can access protected systems.

MITRE CWE Description
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Common Consequences (1)
Scope: Access Control · Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity
This weakness can allow an attacker to access resources which are not otherwise accessible without proper authentication.
Examples (2)
The following code authenticates users.

String sourceIP = request.getRemoteAddr();
// CWE-290: the peer address is the only evidence of identity, and it can be spoofed
if (sourceIP != null && sourceIP.equals(APPROVED_IP)) {
    authenticated = true;
}

Bad · Java
Both of these examples check if a request is from a trusted address before responding to the request.

#include <string.h>
#include <arpa/inet.h>
#include <sys/socket.h>

int sd, n;
struct sockaddr_in serv, cli;
socklen_t clilen;
char msg[MAX_MSG];

sd = socket(AF_INET, SOCK_DGRAM, 0);
serv.sin_family = AF_INET;
serv.sin_addr.s_addr = htonl(INADDR_ANY);
serv.sin_port = htons(1008);
bind(sd, (struct sockaddr *) &serv, sizeof(serv));
while (1) {
    memset(msg, 0x0, MAX_MSG);
    clilen = sizeof(cli);
    /* CWE-290: the source address of a UDP datagram is the only check, and a
       sender can forge it; note also that cli is only filled in by recvfrom */
    if (strcmp(inet_ntoa(cli.sin_addr), getTrustedAddress()) == 0) {
        n = recvfrom(sd, msg, MAX_MSG, 0, (struct sockaddr *) &cli, &clilen);
    }
}

Bad · C
while (true) {
    DatagramPacket rp = new DatagramPacket(rData, rData.length);
    outSock.receive(rp);
    String in = new String(rp.getData(), 0, rp.getLength());
    InetAddress clientIPAddress = rp.getAddress();
    int port = rp.getPort();
    // CWE-290: the sender address of a UDP packet is taken as proof of identity,
    // and the shared secret travels in cleartext, so neither check is reliable
    if (isTrustedAddress(clientIPAddress) && secretKey.equals(in)) {
        byte[] out = secret.getBytes();
        DatagramPacket sp = new DatagramPacket(out, out.length, clientIPAddress, port);
        outSock.send(sp);
    }
}
Bad · Java
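The IP-only check from the examples above placed beside the token-based check the introduction recommends, as an added Python example that is not part of the CWE entry or of any product listed on this page; the header name, the approved address, the key and the user id are constructed values.

```python
import hashlib
import hmac

# Constructed demo values; in practice the key comes from a secret store.
APPROVED_IP = "10.0.0.5"
SECRET_KEY = b"constructed-demo-key-do-not-reuse"


def authenticate_by_ip(headers, remote_addr):
    """CWE-290 pattern: identity is inferred from a proxy header or the peer
    address. Both are network identifiers the server cannot verify, so the
    check passes for any request that merely claims the approved address."""
    claimed = headers.get("X-Forwarded-For", remote_addr).split(",")[0].strip()
    return claimed == APPROVED_IP


def issue_token(user_id):
    """Server-side issuance: bind the user id to a keyed MAC."""
    mac = hmac.new(SECRET_KEY, user_id.encode(), hashlib.sha256).hexdigest()
    return f"{user_id}.{mac}"


def authenticate_by_token(headers):
    """Hardened check: the identity claim must carry a MAC that only a holder
    of SECRET_KEY can produce; where the request came from is irrelevant.
    Returns the authenticated user id, or None."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return None
    user_id, _, mac = auth[len("Bearer "):].rpartition(".")
    if not user_id or not mac:
        return None
    expected = hmac.new(SECRET_KEY, user_id.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison so the MAC check does not leak by timing.
    return user_id if hmac.compare_digest(mac, expected) else None


if __name__ == "__main__":
    # A request whose claimed address differs from its real address: the IP
    # check accepts it; the token check rejects a bad MAC and accepts a real one.
    spoofed = {"X-Forwarded-For": "10.0.0.5"}
    print("ip check, forged header:", authenticate_by_ip(spoofed, "203.0.113.9"))
    print("token check, bad mac:", authenticate_by_token({"Authorization": "Bearer alice.00"}))
    print("token check, issued:", authenticate_by_token({"Authorization": "Bearer " + issue_token("alice")}))
```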
CVE ID · Title · Product · CVSS · Severity · Published
CVE-2026-53833 · QQBot for OpenClaw < 2026.4.29 - Authorization Bypass via QQBot Streaming Command · OpenClaw · 7.7 · High · 2026-06-12
CVE-2026-53832 · OpenClaw < 2026.5.18 - Identity Header Forgery via Trusted-Proxy Configuration · OpenClaw · 7.7 · High · 2026-06-12
CVE-2026-53823 · OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack Display Names in allowFrom · OpenClaw · 8.1 · High · 2026-06-12
CVE-2026-5792 · Authentication Bypass in Related Digital's Related Marketing Cloud (RMC) · Related Marketing Cloud (RMC) · 6.5 · Medium · 2026-06-12
CVE-2026-53817 · OpenClaw < 2026.5.22 - Control UI Locality Spoofing in Device Pairing · OpenClaw · 8.8 · High · 2026-06-11
CVE-2026-53811 · OpenClaw < 2026.5.7 - Privilege Escalation via Mutable Display Names in Matrix allowFrom · OpenClaw · 8.8 · High · 2026-06-11
CVE-2026-6090 · Lenovo Smart Connect Windows Authentication Bypass Vulnerability · Smart Connect · 7.0 · High · 2026-06-10
CVE-2026-48567 · Azure HorizonDB Elevation of Privilege Vulnerability · Azure HorizonDB · 10.0 · Critical · 2026-06-04
CVE-2026-8644 · IBM WebSphere Application Server is affected by an identity spoofing vulnerability · WebSphere Application Server · 9.1 · Critical · 2026-06-01
CVE-2026-42674 · WordPress Advanced Access Manager plugin <= 7.1.0 - Bypass Vulnerability vulnerability · Advanced Access Manager · 7.5 · High · 2026-06-01
CVE-2026-47123 · FreeScout: Agent Impersonation via Missing HMAC Verification on Notification Reply Message-ID Path · freescout · 7.5 · High · 2026-05-29
CVE-2026-44649 · SillyTavern: Authentication Bypass via SSO Header Injection · SillyTavern · 9.8 · Critical · 2026-05-29
CVE-2026-46414 · Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking · UFO · 8.8 · High · 2026-05-27
CVE-2026-8676 · Silicon Simplicity SDK Security Vulnerability · Simplicity SDK · 8.8 · High · 2026-05-26
CVE-2018-25361 · Soroush IM Desktop App 0.17.0 Authentication Bypass via Database Injection · Soroush IM Desktop App · 6.8 · Medium · 2026-05-25
CVE-2026-7507 · Org.keycloak/keycloak-services: session fixation in oidc login flow that can lead to account takeover · Red Hat build of Keycloak 26.2 · 7.5 · High · 2026-05-19
CVE-2026-46356 · Fleet: IP spoofing allows bypassing API rate limiting · fleet · - · - · 2026-05-14
CVE-2026-24899 · Fleet Windows MDM Azure AD JWT Authentication Bypass · fleet · - · - · 2026-05-14
CVE-2026-24000 · Fleet has a rate limiting bypass via untrusted client IP headers · fleet · - · - · 2026-05-14
CVE-2026-40460 · NGINX ngx_quic_module vulnerability · NGINX Plus · 6.5 · Medium · 2026-05-13
CVE-2026-44183 · Cleanuparr: X-Forwarded-For leftmost parsing allows remote unauthenticated admin takeover when reverse-proxy mode is enabled · Cleanuparr · 9.8 · Critical · 2026-05-12
CVE-2026-45223 · Crabbox < 0.9.0 Authentication Bypass via Admin Claim Injection · crabbox · 8.8 · High · 2026-05-11
CVE-2021-47923 · OpenCart 3.0.3.8 Session Fixation via OCSESSID Cookie · opencart · 9.8 · Critical · 2026-05-10
CVE-2026-42354 · Sentry: Improper authentication on SAML SSO process allows user identity linking · sentry · 9.1 · Critical · 2026-05-08
CVE-2026-44118 · OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Token Header · OpenClaw · 7.8 · High · 2026-05-06
CVE-2026-39858 · Traefik: Forwarded alias spoofing top pre-auth decision bypass · traefik · 9.8 · - · 2026-04-30
CVE-2018-25318 · Tenda FH303/A300 V5.07.68_EN Cookie Session Weakness DNS Change · FH303/A300 · 9.8 · Critical · 2026-04-29
CVE-2018-25317 · Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change · W3002R · 9.8 · Critical · 2026-04-29
CVE-2018-25316 · Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change · W308R v2 · 9.8 · Critical · 2026-04-29
CVE-2026-7422 · MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing · FreeRTOS-Plus-TCP · 6.5 · Medium · 2026-04-29

Vulnerabilities classified as CWE-290 (Authentication Bypass by Spoofing) represent 267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.