
CWE-290 (Authentication Bypass by Spoofing) — Vulnerability Class 245

245 vulnerabilities classified as CWE-290 (Authentication Bypass by Spoofing). AI Chinese analysis included.

CWE-290 is an authentication weakness in which a system fails to verify the origin of an identity claim, so an attacker can bypass the control by spoofing that origin. It typically arises when the authentication decision rests on data the client controls, such as the source IP address or an HTTP header, with no further verification. An attacker presents forged identity data (a spoofed source address, header or token) that appears to come from a legitimate user and so gains unauthorized access to sensitive resources or administrative functions. To mitigate this risk, developers should implement multi-factor authentication and base identity verification on cryptographically secure tokens rather than on network identifiers that are easy to spoof. Rigorous input validation and strict adherence to standard authentication protocols such as OAuth or OpenID Connect further reduce the chance that an attacker can impersonate a valid entity, so that only genuinely authenticated users reach protected systems.

MITRE CWE Description
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Common Consequences (1)
Scope: Access Control. Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity.
This weakness can allow an attacker to access resources which are not otherwise accessible without proper authentication.
Examples (2)
The following code authenticates users.

    // Bad: the source address is the only credential, and it can be spoofed.
    String sourceIP = request.getRemoteAddr();
    if (sourceIP != null && sourceIP.equals(APPROVED_IP)) {
        authenticated = true;
    }

Bad · Java

Both of these examples check if a request is from a trusted address before responding to the request.

    /* Bad: trusts the datagram's source address, which the sender controls.
       Note also that cli is tested before recvfrom() has filled it in. */
    int sd = socket(AF_INET, SOCK_DGRAM, 0);
    struct sockaddr_in serv, cli;
    socklen_t clilen;
    char msg[MAX_MSG];
    int n;

    serv.sin_family = AF_INET;
    serv.sin_addr.s_addr = htonl(INADDR_ANY);
    serv.sin_port = htons(1008);
    bind(sd, (struct sockaddr *) &serv, sizeof(serv));

    while (1) {
        memset(msg, 0x0, MAX_MSG);
        clilen = sizeof(cli);
        /* string comparison of the peer address against the trusted one */
        if (strcmp(inet_ntoa(cli.sin_addr), getTrustedAddress()) == 0) {
            n = recvfrom(sd, msg, MAX_MSG, 0, (struct sockaddr *) &cli, &clilen);
        }
    }

Bad · C

    // Bad: the reply containing the secret is gated on the packet's source
    // address, which any sender can forge.
    while (true) {
        DatagramPacket rp = new DatagramPacket(rData, rData.length);
        outSock.receive(rp);
        String in = new String(rp.getData(), 0, rp.getLength());
        InetAddress clientIPAddress = rp.getAddress();
        int port = rp.getPort();
        if (isTrustedAddress(clientIPAddress) && secretKey.equals(in)) {
            out = secret.getBytes();
            DatagramPacket sp = new DatagramPacket(out, out.length, clientIPAddress, port);
            outSock.send(sp);
        }
    }

Bad · Java
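The description above names spoofable HTTP headers alongside spoofable IP addresses, and the MITRE examples show address checks used as the sole credential. The following added example (not from the CWE entry or MITRE) shows the same mistake in a web context, an admin allow-list keyed on X-Forwarded-For, next to a version that only honours the header from an assumed trusted proxy and treats network origin as a second factor. The proxy range, allow-listed address and request dicts are constructed.

```python
import ipaddress

# Constructed deployment facts (assumptions, not from the page): only the
# reverse proxy on 10.0.0.0/24 may set X-Forwarded-For; one admin address.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]
ADMIN_ALLOWLIST = [ipaddress.ip_network("192.0.2.10/32")]

# Constructed requests: socket peer address plus headers as received.
DIRECT_SPOOF = {"peer": "203.0.113.5", "headers": {"X-Forwarded-For": "192.0.2.10"}}
VIA_PROXY_LEGIT = {"peer": "10.0.0.7", "headers": {"X-Forwarded-For": "192.0.2.10"},
                   "session_verified": True}
VIA_PROXY_SPOOFED_CHAIN = {"peer": "10.0.0.7", "session_verified": True,
                           "headers": {"X-Forwarded-For": "192.0.2.10, 203.0.113.5"}}

def _in_any(addr, networks):
    return any(addr in net for net in networks)

def is_admin_vulnerable(request):
    """CWE-290: the allow-list is keyed on a header the client writes, so one
    forged X-Forwarded-For value impersonates an approved address."""
    claimed = request["headers"].get("X-Forwarded-For", request["peer"])
    return _in_any(ipaddress.ip_address(claimed.split(",")[0].strip()), ADMIN_ALLOWLIST)

def client_ip(request):
    """Start from the socket peer; honour X-Forwarded-For only if the peer is a
    trusted proxy, then walk the chain from the right past proxy hops. The
    rightmost non-proxy hop is the client; anything left of it is client-supplied."""
    peer = ipaddress.ip_address(request["peer"])
    if not _in_any(peer, TRUSTED_PROXIES):
        return peer  # header came straight from an untrusted host: ignore it
    xff = request["headers"].get("X-Forwarded-For", "")
    for hop in reversed([h.strip() for h in xff.split(",") if h.strip()]):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return peer  # malformed chain: fall back to the socket peer
        if not _in_any(addr, TRUSTED_PROXIES):
            return addr
    return peer

def is_admin_hardened(request):
    """Network origin is only a second factor: also require a verified session
    (stand-in for the cryptographic token the description recommends)."""
    return bool(request.get("session_verified")) and _in_any(client_ip(request), ADMIN_ALLOWLIST)
```

The spoofed-chain case is the one that defeats naive "take the first hop" parsing even behind a real proxy: the attacker's forged value sits at the left of the chain, and the proxy appends the true peer at the right.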
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2022-2310 | Skyhigh SWG Authentication bypass vulnerability | Skyhigh Secure Web Gateway (SWG) | 10.0 | Critical | 2022-07-27
CVE-2022-2368 | Authentication Bypass by Spoofing in microweber/microweber | microweber/microweber | 6.5 | Medium | 2022-07-11
CVE-2022-1745 | 2.2.7 AUTHENTICATION BYPASS BY SPOOFING CWE-290 | ImageCast X application | 6.8 | - | 2022-06-24
CVE-2022-25989 | Eufy Anker Eufy Homebase security vulnerability | Eufy Homebase 2 | 8.8 | - | 2022-05-05
CVE-2022-24858 | Default redirect callback vulnerable to open redirects | next-auth | 6.1 | Medium | 2022-04-19
CVE-2022-24112 | apisix/batch-requests plugin allows overwriting the X-REAL-IP header | Apache APISIX | 9.8 | - | 2022-02-11
CVE-2022-23131 | Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML | Frontend | 9.1 | Critical | 2022-01-13
CVE-2021-43807 | HTTP Method Spoofing in Opencast | opencast | 7.5 | High | 2021-12-14
CVE-2021-41130 | X-Endpoint-API-UserInfo can be spoofed in cloudendpoints Extensible Service Proxy | esp | 6.4 | Medium | 2021-10-07
CVE-2021-34646 | Booster for WooCommerce <= 5.4.3 Authentication Bypass | Booster for WooCommerce | 9.8 | Critical | 2021-08-30
CVE-2021-32076 | Access Restriction bypass vulnerability via referrer spoof - Business Logic Bypass | Web Help Desk | 5.3 | Medium | 2021-08-26
CVE-2021-32631 | JSON Web Tokens not properly verified | common | 6.5 | Medium | 2021-07-26
CVE-2020-7388 | Sage X3 AdxAdmin Unauthenticated Command Execution Bypass by Spoofing | X3 | 10.0 | Critical | 2021-07-22
CVE-2021-22779 | Schneider Electric EcoStruxure Control Expert security vulnerability | EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*) | 9.1 | - | 2021-07-14
CVE-2021-28810 | Vulnerability in Roon Server | Roon Server | 7.5 | High | 2021-06-08
CVE-2021-20278 | Kiali authorization issue vulnerability | kiali | 9.8 | - | 2021-05-28
CVE-2020-13529 | systemd security vulnerability | Systemd | 6.1 | - | 2021-05-10
CVE-2021-29441 | Authentication bypass | nacos | 8.6 | High | 2021-04-27
CVE-2021-21492 | SAP NetWeaver Application Server Java security vulnerability | SAP NetWeaver AS for JAVA (HTTP Service) | 5.3 | - | 2021-04-13
CVE-2021-21310 | Token verification bug in next-auth | next-auth | 6.1 | Medium | 2021-02-11
CVE-2020-17516 | Apache Cassandra security vulnerability | Apache Cassandra | 7.5 | - | 2021-02-03
CVE-2020-27276 | Multiple Sooil products authorization issue vulnerability | SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A | 5.7 | - | 2021-01-19
CVE-2020-26276 | SAML authentication vulnerability in Fleet | fleet | 10.0 | Critical | 2020-12-17
CVE-2020-26254 | omniauth-apple allows attacker to fake their email address during authentication | omniauth-apple | 7.7 | High | 2020-12-08
CVE-2020-7327 | McAfee MVEDR - Improperly implemented security check | McAfee MVISION Endpoint Detection and Response | 6.0 | Medium | 2020-10-15
CVE-2020-7326 | McAfee MAR - Improperly implemented security check | McAfee Active Response | 6.0 | Medium | 2020-10-15
CVE-2020-5415 | Concourse's GitLab auth allows impersonation | Concourse | 9.6 | - | 2020-08-12
CVE-2020-2033 | GlobalProtect App: Missing certificate validation vulnerability can disclose pre-logon authentication cookie | GlobalProtect App | 5.3 | Medium | 2020-06-10
CVE-2020-10136 | IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic | RFC2003 - IP Encapsulation within IP | 8.2 | - | 2020-06-02
CVE-2020-2002 | PAN-OS: Spoofed Kerberos key distribution center authentication bypass | PAN-OS | 8.1 | High | 2020-05-13

Vulnerabilities classified as CWE-290 (Authentication Bypass by Spoofing) represent 245 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.