目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21456

access:pre-auth 类型相关 21456 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2024-36290 WAVLINK AC3000 安全漏洞 — Wavlink AC3000CWE-120 10.0 Critical2025-01-14
CVE-2024-39759 WAVLINK AC3000 命令注入漏洞 — Wavlink AC3000CWE-77 10.0 Critical2025-01-14
CVE-2024-39608 WAVLINK AC3000 访问控制错误漏洞 — Wavlink AC3000CWE-306 10.0 Critical2025-01-14
CVE-2024-23106 Fortinet FortiClientEMS 安全漏洞 — FortiClientEMSCWE-307 7.7 High2025-01-14
CVE-2024-46666 Fortinet FortiOS 安全漏洞 — FortiOSCWE-770 4.8 Medium2025-01-14
CVE-2024-36510 Fortinet FortiClientEMS和FortiSOAR 安全漏洞 — FortiClientEMSCWE-204 4.9 Medium2025-01-14
CVE-2024-54021 Fortinet FortiOS和Fortinet FortiProxy 注入漏洞 — FortiOSCWE-113 6.4 Medium2025-01-14
CVE-2024-48884 Fortinet多款产品 路径遍历漏洞 — FortiManagerCWE-22 7.1 High2025-01-14
CVE-2024-46668 Fortinet FortiOS 安全漏洞 — FortiOSCWE-770 7.1 High2025-01-14
CVE-2024-46670 Fortinet FortiOS 缓冲区错误漏洞 — FortiOSCWE-125 7.5 High2025-01-14
CVE-2024-56841 Siemens Mendix 注入漏洞 — Mendix LDAPCWE-90 7.4 High2025-01-14
CVE-2024-47100 Siemens SIMATIC S7-1200 跨站请求伪造漏洞 — SIMATIC S7-1200 CPU 1211C AC/DC/RlyCWE-352 7.1 High2025-01-14
CVE-2024-12919 WordPress plugin Paid Membership Subscriptions 授权问题漏洞 — Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content RestrictionCWE-287 9.8 Critical2025-01-14
CVE-2025-0393 WordPress plugin Royal Elementor Addons and Templates 跨站请求伪造漏洞 — Royal Addons for Elementor – Addons and Templates Kit for ElementorCWE-352 6.1 Medium2025-01-14
CVE-2024-12006 WordPress plugin W3 Total Cache 安全漏洞 — W3 Total CacheCWE-862 5.3 Medium2025-01-14
CVE-2024-12008 WordPress plugin W3 Total Cache 信息泄露漏洞 — W3 Total CacheCWE-200 5.3 Medium2025-01-14
CVE-2025-23082 Veeam Backup 代码问题漏洞 — Backup for Microsoft Azure 6.5 -2025-01-14
CVE-2025-0061 SAP BusinessObjects Business Intelligence Platform 安全漏洞 — SAP BusinessObjects Business Intelligence PlatformCWE-497 8.7 High2025-01-14
CVE-2025-0053 SAP NetWeaver Application Server 安全漏洞 — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-209 5.3 Medium2025-01-14
CVE-2025-22983 IceCMS 安全漏洞 — n/a 7.5 -2025-01-14
CVE-2025-22984 IceCMS 安全漏洞 — n/a 7.5 -2025-01-14
CVE-2024-11396 WordPress plugin Event Monster 安全漏洞 — Event Monster – Manager & Ticket BookingCWE-359 5.3 Medium2025-01-13
CVE-2024-12274 WordPress plugin Appointment Booking Calendar 安全漏洞 — Appointment Booking Calendar Plugin and Scheduling Plugin 7.5 -2025-01-13
CVE-2024-46310 Cfx.re FXServer 安全漏洞 — n/a 9.1 -2025-01-13
CVE-2024-12407 WordPress plugin Push Notification for Post and BuddyPress 跨站脚本漏洞 — Push Notification for Post and BuddyPressCWE-79 6.1 Medium2025-01-11
CVE-2024-12877 WordPress plugin GiveWP 代码问题漏洞 — GiveWP – Donation Plugin and Fundraising PlatformCWE-502 9.8 Critical2025-01-11
CVE-2024-12412 WordPress plugin WpRently 跨站脚本漏洞 — Booking and Rental Manager for Bike | Car | Resort | Appointment | Dress | EquipmentCWE-79 6.1 Medium2025-01-11
CVE-2025-0107 Palo Alto Networks Expedition 安全漏洞 — Cloud NGFWCWE-78 10.0 -2025-01-11
CVE-2025-0106 Palo Alto Networks Expedition 安全漏洞 — Cloud NGFWCWE-155 5.8 -2025-01-11
CVE-2025-0105 Palo Alto Networks Expedition 安全漏洞 — Cloud NGFWCWE-73 10.0 -2025-01-11

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21456 条 CVE 漏洞。