CAPEC-22МетаЧерновик
Эксплуатация доверия клиенту
Атака данного типа эксплуатирует уязвимости в аутентификации канала взаимодействия клиент/сервер и целостности данных. Она использует неявное доверие, которое сервер оказывает клиенту, или, что важнее, тому, кого сервер считает клиентом. Злоумышленник реализует данный тип атаки, взаимодействуя напрямую с сервером, который при этом полагает, что общается только с действительным клиентом. Существует множество разновидностей данного типа атак.
Открыть в каталоге с фильтром CAPEC →Связанные CWE
CWE-20
Продукт получает входные данные или данные иного рода, однако не проверяет или некорректно проверяет, обладают ли эти данные свойс
CWE-200
Продукт раскрывает конфиденциальную информацию субъекту, которому явно не предоставлен доступ к этой информации.
CWE-287
Когда субъект заявляет об определённой идентичности, продукт не доказывает или недостаточно доказывает правомерность этого утве
CWE-290
Данная атакоориентированная слабость обусловлена некорректно реализованными схемами аутентификации, подверженными атакам подм
CWE-693
Программный продукт не использует или некорректно использует механизм защиты, обеспечивающий достаточную защиту от направленных
Связанные уязвимости
CVE-2026-2761Выполнение произвольного кода в Mozilla Firefox и Thunderbird ESR
CVE-2026-23600A remote authentication bypass vulnerability
exists in HPE AutoPass License Server (APLS).
CVE-2026-22240The vulnerability exists in BLUVOYIX due to an improper password storage implementation and subsequent exposure via unauthenticated APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable users API to retrieve the plaintext passwords of all user users. Successful exploitation of this vulnerability could allow the attacker to gain full access to customers' data and completely compromise the targeted platform by logging in using an exposed admin email address and password.
CVE-2026-22237The vulnerability exists in BLUVOYIX due to the exposure of sensitive internal API documentation. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the APIs exposed by the documentation. Successful exploitation of this vulnerability could allow the attacker to cause damage to the targeted platform by abusing internal functionality.
CVE-2026-22236The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX backend APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable APIs. Successful exploitation of this vulnerability could allow the attacker to gain full access to customers' data and completely compromise the targeted platform.
CVE-2026-21858Получение конфиденциальной информации в n8n
CVE-2026-20127Обход безопасности в Cisco Catalyst SD-WAN Controller
CVE-2026-0881Выполнение произвольного кода в Mozilla Thunderbird
CVE-2026-0848NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR file, enabling the execution of arbitrary Java bytecode at import time. This vulnerability can be exploited through methods such as model poisoning, MITM attacks, or dependency poisoning, leading to remote code execution. The issue arises from the direct execution of the JAR file via subprocess with unvalidated classpath input, allowing malicious classes to execute when loaded by the JVM.
CVE-2025-9265A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving them access to state changing actions that should only be initiated by administratorsThis issue affects
Kiloview NDI N30
and was fixed in Firmware version later than 2.02.0246
CVE-2025-63224The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.
CVE-2025-63216The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.
CVE-2025-61481An issue in MikroTik RouterOS v.7.14.2 and SwOS v.2.18 exposes the WebFig management interface over cleartext HTTP by default, allowing an on-path attacker to execute injected JavaScript in the administrator’s browser and intercept credentials.
CVE-2025-5597В WF Steuerungstechnik GmbH airleader MASTER обнаружена уязвимость Improper Authentication, позволяющая обойти аутентификацию. Это затрагивает airleader MASTER версии 3.00571 [1].
Источники:
- [1] https://github.com/migros/migros-security-advisories/blob/main/advisories/msec-2025-003_wf-seuerungstechnik-gmbh_airleader-master_authentication-bypass.md
CVE-2025-54419A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any character from the SAML assertion username. To conduct the attack an attacker would need a validly signed document from the identity provider (IdP). This is fixed in version 5.1.0.