OpenClaw: /api/channels gateway-auth boundary bypass via path canonicalization mismatch
Summary Gateway auth for plugin channel endpoints can be bypassed when path canonicalization differs between the gateway guard and plugin handler routing. Details On affected versions, server-http only applies gateway auth when raw requestPath matches exactly: - /api/channels - /api/channels/ If ...
Fortinet Fortigate SSO authentication bypass (FG-IR-26-060)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-060 advisory. - An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 in FortiOS, FortiManager, FortiAnalyzer m...
Tenda AC6 V5.0 /goform/getproductInfo information disclosure vulnerability
Talos Vulnerability Report TALOS-2025-2164 Tenda AC6 V5.0 /goform/getproductInfo information disclosure vulnerability August 20, 2025 CVE Number CVE-2025-24496 SUMMARY An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110...
CVE-2024-38437
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel...
Artica Proxy 4.50 Loopback Service Disclosure
KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Title: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Advisory ID: KL-001-2024-004 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt 1...
Artica Proxy 4.40 / 4.50 Authentication Bypass / Privilege Escalation Vulnerability
The Rich Filemanager feature of Artica Proxy versions 4.40 and 4.50 provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user. This provides an unauthenticated attacker complete access to...
CVE-2022-40684
An authentication bypass using an alternate path or channel CWE-288 in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated attacker to perform...
Authentication flaw
An authentication bypass using an alternate path or channel CWE-288 in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated attacker to perform...
CVE-2022-40684
CVE-2022-40684 is an authentication bypass affecting Fortinet products: FortiOS (versions 7.2.0–7.2.1 and 7.0.0–7.0.6), FortiProxy (7.2.0 and 7.0.0–7.0.6), and FortiSwitchManager (7.2.0 and 7.0.0). The flaw enables an unauthenticated attacker to perform administrative interface operations via spe...
JVN#74592196: bingo!CMS vulnerable to authentication bypass
bingo!CMS provided by Shift Tech Inc. contains an authentication bypass vulnerability CWE-288 in some of the management functions. Shift Tech Inc. states that attacks exploiting this vulnerability have been observed. Impact Accessing a specific URL directly may allow a remote unauthenticated...
Honeywell Saia Burgess PG5 PCD
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable on adjacent network/low attack complexity Vendor: Honeywell Equipment: Saia Burgess PG5 PCD Vulnerabilities: Authentication Bypass, Use of a Broken or Risky Cryptographic Algorithm CISA is aware of a public report known as “OT:ICEFALL” that...
JVN#51464799: L2Blocker Sensor setup screen vulnerable to authentication bypass
L2Blocker provided by SOFTCREATE CORP. contains a vulnerability CWE-288 in which the login authentication is bypassed by using alternative paths or channels for Sensor. Impact An attacker who can access the device may perform an unauthorized login and obtain the stored information or cause a...
mySCADA myPRO
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Use of Password Hash with Insufficient Computational Effort, Hidden Functionality, OS Command...
Hillrom Welch Allyn Cardio Products
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Hillrom Equipment: Welch Allyn Cardio Products Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access...
Delta Electronics DIAEnergie (Update C)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie Vulnerabilities: Use of Password Hash with Insufficient Computational Effort, Authentication Bypass Using an Alternate Path or Channel, Unrestricted Upload of Fil...