access:pre-auth 类型相关 21270 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2025-34082 | IGEL OS 安全漏洞 — OSCWE-78 | 9.8AI | CriticalAI | 2025-07-03 |
| CVE-2025-34061 | Henan Xiaopi PHPStudy 安全漏洞 — PHPStudyCWE-94 | 9.8AI | CriticalAI | 2025-07-03 |
| CVE-2025-49618 | Plesk Obsidian 安全漏洞 — ObsidianCWE-402 | 5.8 | Medium | 2025-07-03 |
| CVE-2025-20309 | Cisco Unified Communications Manager 安全漏洞 — Cisco Unified Communications ManagerCWE-798 | 10.0 | Critical | 2025-07-02 |
| CVE-2025-20310 | Cisco Enterprise Chat and Email 跨站脚本漏洞 — Cisco Enterprise Chat and EmailCWE-79 | 6.1 | Medium | 2025-07-02 |
| CVE-2025-34073 | maltrail 安全漏洞 — MaltrailCWE-78 | 9.8AI | CriticalAI | 2025-07-02 |
| CVE-2025-34070 | GFI Kerio Control 安全漏洞 — Kerio ControlCWE-306 | 9.8AI | CriticalAI | 2025-07-02 |
| CVE-2025-34069 | GFI Kerio Control 安全漏洞 — Kerio ControlCWE-306 | 9.8AI | CriticalAI | 2025-07-02 |
| CVE-2025-34067 | Hikvision HikCentral 安全漏洞 — Integrated Security Management PlatformCWE-502 | 9.8AI | CriticalAI | 2025-07-02 |
| CVE-2025-34057 | Ruijie NBR Router 安全漏洞 — NBR RouterCWE-306 | 7.5AI | HighAI | 2025-07-02 |
| CVE-2024-13786 | WordPress plugin education 代码问题漏洞 — Education Center | LMS & Online Courses WordPress ThemeCWE-502 | 9.8 | Critical | 2025-07-02 |
| CVE-2024-13451 | WordPress plugin Contact Form by Bit Form 信息泄露漏洞 — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builderCWE-200 | 5.3 | Medium | 2025-07-02 |
| CVE-2025-6464 | WordPress plugin Forminator Forms 问题漏洞 — Forminator Forms – Contact Form, Payment Form & Custom Form BuilderCWE-502 | 7.5 | High | 2025-07-02 |
| CVE-2025-6463 | WordPress plugin Forminator Forms 安全漏洞 — Forminator Forms – Contact Form, Payment Form & Custom Form BuilderCWE-73 | 8.8 | High | 2025-07-02 |
| CVE-2025-5339 | WordPress plugin Ads Pro SQL注入漏洞 — Ads Pro Plugin - Multi-Purpose WordPress Advertising ManagerCWE-89 | 7.5 | High | 2025-07-02 |
| CVE-2024-11405 | WordPress plugin WP Front-end login and register 跨站脚本漏洞 — WP Front-end login and registerCWE-79 | 6.1 | Medium | 2025-07-02 |
| CVE-2025-5817 | WordPress plugin Amazon Products to WooCommerce 代码问题漏洞 — Amazon Products to WooCommerceCWE-918 | 7.2 | High | 2025-07-02 |
| CVE-2025-6437 | WordPress plugin Ads Pro SQL注入漏洞 — Ads Pro Plugin - Multi-Purpose WordPress Advertising ManagerCWE-89 | 7.5 | High | 2025-07-02 |
| CVE-2025-4654 | WordPress plugin Soumettre.fr 授权问题漏洞 — Soumettre.frCWE-285 | 3.7 | Low | 2025-07-02 |
| CVE-2025-5746 | WordPress plugin Drag and Drop Multiple File Upload 代码问题漏洞 — Drag and Drop Multiple File Upload (Pro) - WooCommerceCWE-434 | 9.8 | Critical | 2025-07-02 |
| CVE-2025-4380 | WordPress plugin Ads Pro 安全漏洞 — Ads Pro Plugin - Multi-Purpose WordPress Advertising ManagerCWE-98 | 8.1 | High | 2025-07-02 |
| CVE-2025-4381 | WordPress plugin Ads Pro SQL 注入漏洞 — Ads Pro Plugin - Multi-Purpose WordPress Advertising ManagerCWE-89 | 7.5 | High | 2025-07-02 |
| CVE-2025-6459 | WordPress plugin Ads Pro 跨站请求伪造漏洞 — Ads Pro Plugin - Multi-Purpose WordPress Advertising ManagerCWE-352 | 8.8 | High | 2025-07-02 |
| CVE-2025-4689 | WordPress plugin Ads Pro 安全漏洞 — Ads Pro Plugin - Multi-Purpose WordPress Advertising ManagerCWE-98 | 9.8 | Critical | 2025-07-02 |
| CVE-2025-45424 | Xinference 安全漏洞 — n/a | 9.8AI | CriticalAI | 2025-07-02 |
| CVE-2025-34081 | Contec CONPROSYS HMI System 安全漏洞 — CONPROSYS HMI System (CHS)CWE-215 | 5.3AI | MediumAI | 2025-07-01 |
| CVE-2025-34059 | Dahua Smart Cloud Gateway Registration Management 安全漏洞 — Smart Cloud Gateway Registration Management PlatformCWE-89 | 9.1AI | CriticalAI | 2025-07-01 |
| CVE-2025-34065 | AVTECH IP camera、AVTECH DVR和AVTECH NVR 安全漏洞 — IP camera, DVR, and NVR DevicesCWE-290 | 9.8AI | CriticalAI | 2025-07-01 |
| CVE-2025-34054 | AVTECH DVR 安全漏洞 — IP camera, DVR, and NVR DevicesCWE-78 | 9.8AI | CriticalAI | 2025-07-01 |
| CVE-2025-34051 | AVTECH DVR 安全漏洞 — DVR devicesCWE-918 | 9.1AI | CriticalAI | 2025-07-01 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21270 条 CVE 漏洞。