目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21270

access:pre-auth 类型相关 21270 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-37097 HPE Insight Remote Support 安全漏洞 — Insight Remote Support 7.5AIHighAI2025-07-01
CVE-2025-36582 Dell NetWorker 安全漏洞 — NetWorkerCWE-757 4.8 Medium2025-07-01
CVE-2025-5314 WordPress plugin Dear Flipbook 跨站脚本漏洞 — Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewerCWE-79 6.1 Medium2025-07-01
CVE-2025-41648 Pilz IndustrialPI 代码问题漏洞 — IndustrialPI 4 with IndustrialPI webstatusCWE-704 9.8 Critical2025-07-01
CVE-2025-41656 Pilz IndustrialPI 访问控制错误漏洞 — IndustrialPI 4 with Firmware BullseyeCWE-306 10.0 Critical2025-07-01
CVE-2025-6934 WordPress plugin Opal Estate Pro 安全漏洞 — Opal Estate Pro – Property Management and SubmissionCWE-269 9.8 Critical2025-07-01
CVE-2025-5937 WordPress plugin MicroPayments 跨站请求伪造漏洞 — MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, WalletCWE-352 4.3 Medium2025-06-28
CVE-2025-5304 WordPress plugin PT Project Notebooks 安全漏洞 — PT Project Notebooks – Take Meeting minutes, create budgets, track task management, and moreCWE-862 9.8 Critical2025-06-28
CVE-2025-5310 Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE 访问控制错误漏洞 — ProGauge MagLink LX 4CWE-306 9.8 Critical2025-06-27
CVE-2025-6522 Trend Makers Sight Bulb Pro 命令注入漏洞 — Sight Bulb Pro Firmware ZJ_CG32-2201CWE-77 5.4 Medium2025-06-27
CVE-2025-53091 WeGIA SQL注入漏洞 — WeGIACWE-89 9.8AICriticalAI2025-06-27
CVE-2024-12827 WordPress plugin DWT - Directory & Listing 安全漏洞 — DWT - Directory & Listing WordPress ThemeCWE-620 9.8 Critical2025-06-27
CVE-2025-2940 WordPress plugin Ninja Tables – Easy Data Table Builder 代码问题漏洞 — Ninja Tables – Easy Data Table BuilderCWE-918 7.2 High2025-06-27
CVE-2025-6688 WordPress plugin Simple Payment 安全漏洞 — Simple PaymentCWE-288 9.8 Critical2025-06-27
CVE-2025-5936 WordPress plugin VR Calendar 跨站请求伪造漏洞 — VR CalendarCWE-352 4.3 Medium2025-06-27
CVE-2025-3699 Mitsubishi Electric多款产品 访问控制错误漏洞 — G-50CWE-306 9.8 Critical2025-06-26
CVE-2025-52477 octo-sts 代码问题漏洞 — appCWE-918 8.6 High2025-06-26
CVE-2025-34047 Leadsec SSL VPN 安全漏洞 — Leadsec SSL VPNCWE-22 7.5AIHighAI2025-06-26
CVE-2025-34048 D-Link DSL-2730U和D-Link DSL-2750E 安全漏洞 — DSL-2730UCWE-22 7.5AIHighAI2025-06-26
CVE-2025-34046 Weaver E-Office 安全漏洞 — E-OfficeCWE-434 9.8AICriticalAI2025-06-26
CVE-2025-34045 Weiphp WeiPHP 安全漏洞 — WeiPHPCWE-22 7.5AIHighAI2025-06-26
CVE-2025-34044 WIFISKY 7-layer Flow Control Router 安全漏洞 — WIFISKY 7-layer flow control routerCWE-78 9.8AICriticalAI2025-06-26
CVE-2025-34043 Vacron Network Video Recorder 安全漏洞 — Network Video Recorder (NVR)CWE-78 9.8AICriticalAI2025-06-26
CVE-2025-6561 Hunt Electronic HBF-09KD 安全漏洞 — HBF-09KDCWE-497 9.8 Critical2025-06-26
CVE-2025-6212 WordPress plugin Ultra Addons for Contact Form 跨站脚本漏洞 — Ultra Addons for Contact Form 7CWE-79 7.2 High2025-06-26
CVE-2025-1754 GitLab CE/EE 访问控制错误漏洞 — GitLabCWE-306 5.3 Medium2025-06-26
CVE-2025-5813 WordPress plugin Amazon Products to WooCommerce 安全漏洞 — Amazon Products to WooCommerceCWE-862 5.3 Medium2025-06-26
CVE-2025-5932 WordPress plugin Homerunner 跨站请求伪造漏洞 — HomerunnerCWE-352 4.3 Medium2025-06-26
CVE-2025-4334 WordPress plugin Simple User Registration 安全漏洞 — Simple User RegistrationCWE-269 9.8 Critical2025-06-26
CVE-2025-30131 IROAD Dashcam FX2 安全漏洞 — n/a 9.8AICriticalAI2025-06-26

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21270 条 CVE 漏洞。