Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-290 (使用欺骗进行的认证绕过) — Vulnerability Class 245

245 vulnerabilities classified as CWE-290 (使用欺骗进行的认证绕过). AI Chinese analysis included.

CWE-290 represents a critical authentication weakness where systems fail to properly validate the origin of identity claims, allowing attackers to bypass security controls through spoofing. This vulnerability typically arises when authentication mechanisms rely on easily forged data, such as IP addresses or HTTP headers, without implementing robust verification. Attackers exploit this by injecting malicious or manipulated credentials that mimic legitimate users, thereby gaining unauthorized access to sensitive resources or administrative functions. To mitigate this risk, developers must implement multi-factor authentication and ensure that identity verification relies on cryptographically secure tokens rather than easily spoofable network identifiers. Additionally, rigorous input validation and strict adherence to secure authentication protocols, such as OAuth or OpenID Connect, help prevent attackers from impersonating valid entities, ensuring that only genuinely authenticated users can access protected systems.

MITRE CWE Description
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Common Consequences (1)
Access ControlBypass Protection Mechanism, Gain Privileges or Assume Identity
This weakness can allow an attacker to access resources which are not otherwise accessible without proper authentication.
Examples (2)
The following code authenticates users.
String sourceIP = request.getRemoteAddr(); if (sourceIP != null && sourceIP.equals(APPROVED_IP)) { authenticated = true; }
Bad · Java
Both of these examples check if a request is from a trusted address before responding to the request.
sd = socket(AF_INET, SOCK_DGRAM, 0); serv.sin_family = AF_INET; serv.sin_addr.s_addr = htonl(INADDR_ANY); servr.sin_port = htons(1008); bind(sd, (struct sockaddr *) & serv, sizeof(serv)); while (1) { memset(msg, 0x0, MAX_MSG); clilen = sizeof(cli); if (inet_ntoa(cli.sin_addr)==getTrustedAddress()) { n = recvfrom(sd, msg, MAX_MSG, 0, (struct sockaddr *) & cli, &clilen); } }
Bad · C
while(true) { DatagramPacket rp=new DatagramPacket(rData,rData.length); outSock.receive(rp); String in = new String(p.getData(),0, rp.getLength()); InetAddress clientIPAddress = rp.getAddress(); int port = rp.getPort(); if (isTrustedAddress(clientIPAddress) & secretKey.equals(in)) { out = secret.getBytes(); DatagramPacket sp =new DatagramPacket(out,out.length, IPAddress, port); outSock.send(sp); } }
Bad · Java
CVE IDTitleCVSSSeverityPublished
CVE-2024-30479 WordPress LionScripts: IP Blocker Lite plugin <= 11.1.1 - Bypass vulnerability — IP Blocker Lite 5.3 Medium2024-05-17
CVE-2024-30480 WordPress CGC Maintenance Mode plugin <= 1.2 - IP Filtering Bypass vulnerability — CGC Maintenance Mode 3.7 Low2024-05-17
CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability — Newsletter 5.3 Medium2024-05-17
CVE-2024-33917 WordPress WTI Like Post plugin <= 1.4.6 - IP Restriction Bypass Vulnerability vulnerability — WTI Like Post 5.3 Medium2024-05-17
CVE-2024-32977 OctoPrint Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled — OctoPrint 7.1 High2024-05-14
CVE-2023-50224 TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability — TL-WR841N 6.5 -2024-05-03
CVE-2023-44447 TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability — TL-WR902AC 6.5 -2024-05-03
CVE-2024-1347 Authentication Bypass by Spoofing in GitLab — GitLab 4.3 Medium2024-04-25
CVE-2024-27349 Apache HugeGraph-Server: Bypass whitelist in Auth mode — Apache HugeGraph-Server 9.1 -2024-04-22
CVE-2024-31863 Apache Zeppelin: Replacing other users notebook, bypassing any permissions — Apache Zeppelin 9.1AICriticalAI2024-04-09
CVE-2024-30191 Siemens SCALANCE W700产品系列安全漏洞 — SCALANCE W1748-1 M12 8.4 High2024-04-09
CVE-2024-30190 Siemens SCALANCE W700产品系列安全漏洞 — SCALANCE W1748-1 M12 6.1 Medium2024-04-09
CVE-2024-30189 Siemens SCALANCE W700产品系列安全漏洞 — SCALANCE W721-1 RJ45 6.1 Medium2024-04-09
CVE-2024-29006 Apache CloudStack: x-forwarded-for HTTP header parsed by default — Apache CloudStack 8.1 -2024-04-04
CVE-2024-22092 Bundlemanager has an authentication bypass vulnerability — OpenHarmony 7.7 High2024-04-02
CVE-2024-28228 JetBrains YouTrack 安全漏洞 — YouTrack 5.3 Medium2024-03-07
CVE-2024-22457 Dell Secure Connect Gateway 安全漏洞 — Secure Connect Gateway (SCG) 5.0 Appliance - SRS 7.1 High2024-03-01
CVE-2024-21494 Caddy 安全漏洞 — github.com/greenpau/caddy-security 5.4 Medium2024-02-17
CVE-2023-7169 Impersonate vendor signed Powershell scripts — Snow Inventory Agent 6.0 Medium2024-02-08
CVE-2024-23832 Mastodon Remote user impersonation and takeover — mastodon 9.4 Critical2024-02-01
CVE-2023-6044 Lenovo Vantage 安全漏洞 — Vantage 6.3 Medium2024-01-19
CVE-2023-44117 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.5AIHighAI2024-01-16
CVE-2023-4566 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.5AIHighAI2024-01-16
CVE-2023-4001 Grub2: bypass the grub password protection feature — Red Hat Enterprise Linux 9 6.8 Medium2024-01-15
CVE-2024-0454 Security Vulnerability on Match-on-Chip FPR Architecture — DELL Inspiron 6.0 Medium2024-01-12
CVE-2023-49794 The logic of get apk path in KernelSU module can be bypassed — KernelSU 6.7 Medium2024-01-02
CVE-2023-6263 Server Spoofing Vulnerability in NxCloud — NxCloud 8.3 High2023-11-22
CVE-2023-3103 Authentication Bypass by Spoofing in Unitree Robotics A1 — A1 8.0 High2023-11-22
CVE-2023-5801 Huawei HarmonyOS 安全漏洞 — HarmonyOS 9.1 -2023-11-08
CVE-2023-20246 Cisco Catalys 和 Integrated Services Virtual Router 安全漏洞 — Cisco Firepower Threat Defense Software 5.8 Medium2023-11-01

Vulnerabilities classified as CWE-290 (使用欺骗进行的认证绕过) represent 245 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.