
CWE-420 (Unprotected Alternate Channel) — Vulnerability Class 33

33 vulnerabilities classified as CWE-420 (Unprotected Alternate Channel). AI-generated Chinese analysis included.

CWE-420 represents a security weakness where an application implements robust protective measures for its primary communication channel but neglects to apply equivalent safeguards to an alternate data path. This disparity often arises when developers focus exclusively on the main interface, such as a web portal, while overlooking secondary mechanisms like background APIs, logging services, or administrative endpoints. Attackers typically exploit this oversight by bypassing the hardened primary channel to access the unprotected alternate one, thereby gaining unauthorized access to sensitive data or executing malicious commands without triggering standard security controls. To prevent this vulnerability, developers must conduct comprehensive threat modeling that identifies all potential communication paths within the system architecture. Security policies should then be uniformly applied across every channel, ensuring that encryption, authentication, and authorization mechanisms are consistently enforced regardless of the entry point used.

MITRE CWE Description
The product protects a primary channel, but it does not use the same level of protection for an alternate channel.

Common Consequences (1)
Access Control: Gain Privileges or Assume Identity, Bypass Protection Mechanism

Mitigations (1)
Architecture and Design: Identify all alternate channels and use the same protection mechanisms that are used for the primary channels.

Examples (1)
Register SECURE_ME is located at address 0xF00. A mirror of this register called COPY_OF_SECURE_ME is at location 0x800F00. The register SECURE_ME is protected from malicious agents and only allows access to select agents, while COPY_OF_SECURE_ME is not. Access control is implemented using an allowlist (as indicated by a…

    module foo_bar(data_out, data_in, incoming_id, address, clk, rst_n);
      output [31:0] data_out;
      input  [31:0] data_in, incoming_id, address;
      input  clk, rst_n;
      wire write_auth, addr_auth;
      reg  [31:0] data_out, acl_oh_allowlist, q;

      // Write is authorized when the requester's one-hot ID matches any bit of the allowlist.
      assign write_auth = | (incoming_id & acl_oh_allowlist) ? 1 : 0;
      always @*
        acl_oh_allowlist <= 32'h8312;

      // Only the primary address 0xF00 is checked; the mirror at 0x800F00 is not covered.
      assign addr_auth = (address == 32'hF00) ? 1 : 0;

      always @ (posedge clk or negedge rst_n)
        if (!rst_n)
          begin
            q <= 32'h0;
            data_out <= 32'h0;
          end
        else
          begin
            q <= (addr_auth & write_auth) ? data_in : q;
            data_out <= q;
          end
    endmodule

Informative · Verilog

    assign addr_auth = (address == 32'hF00) ? 1 : 0;

Bad · Verilog
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2026-43505 | Prosody security vulnerability | Prosody | 6.5 | Medium | 2026-05-01
CVE-2026-40217 | LiteLLM security vulnerability | LiteLLM | 8.8 | High | 2026-04-10
CVE-2026-35388 | OpenSSH security vulnerability | OpenSSH | 2.5 | Low | 2026-04-02
CVE-2026-25916 | Roundcube Webmail security vulnerability | Webmail | 4.3 | Medium | 2026-02-09
CVE-2025-41727 | Beckhoff: Performing privileged operations and gaining administrator access | Beckhoff.Device.Manager.XAR | 7.8 | High | 2026-01-27
CVE-2025-62001 | BullWall Ransomware Containment hard-coded folder exclusions | Ransomware Containment | 8.8 | High | 2025-12-18
CVE-2025-66432 | Oxide Control Plane security vulnerability | Omicron | 5.0 | Medium | 2025-11-30
CVE-2025-13315 | Unauthenticated log access in Twonky Server | Twonky Server | 9.1 (AI) | Critical (AI) | 2025-11-19
CVE-2025-56558 | Dyson App security vulnerability | MQTT server | 3.0 | Low | 2025-10-29
CVE-2025-62820 | Slack Nebula security vulnerability | Nebula | 4.9 | Medium | 2025-10-23
CVE-2025-53967 | Framelink Figma MCP Server security vulnerability | Figma MCP Server | 8.0 | High | 2025-10-08
CVE-2025-8557 | Lenovo XClarity Orchestrator security vulnerability | XClarity Orchestrator (LXCO) | 8.8 | High | 2025-09-11
CVE-2025-59033 | Microsoft Windows Defender Application Control security vulnerability | Windows | 7.4 | High | 2025-09-08
CVE-2025-54351 | iperf security vulnerability | iperf3 | 8.9 | High | 2025-08-03
CVE-2025-54309 | CrushFTP security vulnerability | CrushFTP | 9.0 | Critical | 2025-07-18
CVE-2025-52921 | InnoShop security vulnerability | InnoShop | 9.9 | Critical | 2025-06-23
CVE-2025-52968 | xdg-utils security vulnerability | xdg-utils | 2.7 | Low | 2025-06-23
CVE-2025-1095 | IBM Personal Communications command execution | Personal Communications | 8.8 | High | 2025-04-08
CVE-2023-52718 | Multiple Huawei products security vulnerability | PT9030-15 | 6.4 | Medium | 2024-12-28
CVE-2023-7266 | Huawei WS7200-10 security vulnerability | TC7001-10 | 7.5 | High | 2024-12-28
CVE-2024-8038 | Juju security vulnerability | Juju | 7.9 | High | 2024-10-02
CVE-2024-6242 | Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices | ControlLogix® 5580 (1756-L8z) | 9.8 (AI) | Critical (AI) | 2024-08-01
CVE-2024-6099 | LearnPress – WordPress LMS Plugin <= 4.2.6.8.1 - Unauthenticated Bypass to User Registration | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | 5.3 | Medium | 2024-07-02
CVE-2024-4444 | LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Bypass to User Registration | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | 5.3 | Medium | 2024-05-10
CVE-2023-20198 | Cisco IOS XE Software security vulnerability | Cisco IOS XE Software | 10.0 | Critical | 2023-10-16
CVE-2023-4570 | Improper Restriction in NI MeasurementLink Python Services | MeasurementLink | 8.8 | High | 2023-10-05
CVE-2023-30946 | Issues notification metadata lacks authorization | com.palantir.issues:issues | 3.5 | Low | 2023-06-29
CVE-2023-31241 | Snap One OvrC Cloud access control error vulnerability | OvrC Cloud | 8.6 | High | 2023-05-22
CVE-2023-0317 | GateManager debug interface is included in non-debug builds | GateManager | 4.9 | Medium | 2023-04-19
CVE-2023-28840 | moby/moby's dockerd daemon encrypted overlay network may be unauthenticated | moby | 7.5 | High | 2023-04-04

Vulnerabilities classified as CWE-420 (Unprotected Alternate Channel) account for 33 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.