CWE-291 (Trusting Self-reported IP Address) — Vulnerability Class 9

9 vulnerabilities classified as CWE-291 (Trusting Self-reported IP Address). AI Chinese analysis included.

CWE-291 represents a critical authentication weakness where systems rely solely on IP addresses to verify user identity. This approach is fundamentally flawed because IP addresses are easily spoofed, allowing attackers to forge source addresses in network packets. While responses return to the forged address, attackers can intercept these replies by sniffing traffic between the victim and the spoofed IP, effectively bypassing security controls. This vulnerability is typically exploited in environments with static IP configurations or trusted network zones that lack additional verification layers. To mitigate this risk, developers must implement robust, multi-factor authentication mechanisms that do not depend on network location. Utilizing cryptographic tokens, certificates, or password-based systems ensures that identity verification remains secure regardless of the client’s IP address, thereby preventing unauthorized access through simple address forgery.

MITRE CWE Description
The product uses an IP address for authentication. IP addresses can be easily spoofed. Attackers can forge the source IP address of the packets they send, but response packets will return to the forged IP address. To see the response packets, the attacker has to sniff the traffic between the victim machine and the forged IP address. In order to accomplish the required sniffing, attackers typically attempt to locate themselves on the same subnet as the victim machine. Attackers may be able to circumvent this requirement by using source routing, but source routing is disabled across much of the Internet today. In summary, IP address verification can be a useful part of an authentication scheme, but it should not be the single factor required for authentication.
Common Consequences (1)
Access Control, Non-Repudiation: Hide Activities, Gain Privileges or Assume Identity
Malicious users can fake authentication information, impersonating any IP address.
Mitigations (1)
Architecture and Design: Use other means of identity verification that cannot be simply spoofed. Possibilities include a username/password or certificate.
Examples (1)
Both of these examples check if a request is from a trusted address before responding to the request.
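
    sd = socket(AF_INET, SOCK_DGRAM, 0);
    serv.sin_family = AF_INET;
    serv.sin_addr.s_addr = htonl(INADDR_ANY);
    serv.sin_port = htons(1008);
    bind(sd, (struct sockaddr *) &serv, sizeof(serv));
    while (1) {
        memset(msg, 0x0, MAX_MSG);
        clilen = sizeof(cli);
        /* Receive first so that cli holds the sender's claimed address. */
        n = recvfrom(sd, msg, MAX_MSG, 0, (struct sockaddr *) &cli, &clilen);
        /* BAD: the source address is the only check, and it can be forged. */
        if (n >= 0 && strcmp(inet_ntoa(cli.sin_addr), getTrustedAddress()) == 0) {
            /* the request is treated as trusted and handled here */
        }
    }
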
Bad · C

    while (true) {
        DatagramPacket rp = new DatagramPacket(rData, rData.length);
        outSock.receive(rp);
        String in = new String(rp.getData(), 0, rp.getLength());
        InetAddress clientIPAddress = rp.getAddress();
        int port = rp.getPort();
        // BAD: the decision relies on the packet's source address, which can be forged.
        if (isTrustedAddress(clientIPAddress) && secretKey.equals(in)) {
            out = secret.getBytes();
            DatagramPacket sp = new DatagramPacket(out, out.length, clientIPAddress, port);
            outSock.send(sp);
        }
    }

Bad · Java
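
For contrast with the two examples above, the following added example (not MITRE's code and not part of the original page) authenticates each datagram with a pre-shared-key HMAC, one option alongside the password or certificate the mitigation names, and never consults the source address. The names `make_request` and `verify_request`, the message layout and the 30-second freshness window are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct
import time

HEADER = struct.Struct("!Q16s")  # assumed layout: 8-byte timestamp, 16-byte nonce
TAG_LEN = hashlib.sha256().digest_size
MAX_SKEW = 30  # seconds a request stays fresh (assumed policy)


def make_request(key, body, now=None):
    """Client: header || body || HMAC-SHA256(key, header || body)."""
    now = int(time.time()) if now is None else now
    signed = HEADER.pack(now, os.urandom(16)) + body
    return signed + hmac.new(key, signed, hashlib.sha256).digest()


def verify_request(key, datagram, seen_nonces, now=None):
    """Server: return the body if authentic, fresh and unseen, else None.

    The sender's address is deliberately not a parameter: only possession
    of the key authenticates the request.
    """
    now = int(time.time()) if now is None else now
    if len(datagram) < HEADER.size + TAG_LEN:
        return None
    signed, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    ts, nonce = HEADER.unpack_from(signed)
    if abs(now - ts) > MAX_SKEW:  # stale or far-future timestamp
        return None
    # Forget nonces that can no longer pass the freshness check.
    for old in [n for n, t in seen_nonces.items() if now - t > MAX_SKEW]:
        del seen_nonces[old]
    if nonce in seen_nonces:  # replay of a captured datagram
        return None
    seen_nonces[nonce] = ts
    return signed[HEADER.size:]


if __name__ == "__main__":
    key = os.urandom(32)  # constructed key; provision out of band in practice
    seen = {}
    req = make_request(key, b"status")
    print(verify_request(key, req, seen))  # accepted
    print(verify_request(key, req, seen))  # replay rejected
```

The timestamp and nonce matter because an observer on the path can capture a valid datagram and resend it; the MAC alone would still verify on the replayed copy.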

Vulnerabilities classified as CWE-291 (Trusting Self-reported IP Address) represent 9 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.