tldrdaily.news logo
Tag

Authentication Bypass

All articles tagged with #authentication bypass

Auth bypass in Honeywell CCTV risks unauthorized feeds and account takeover
security8 days ago

Auth bypass in Honeywell CCTV risks unauthorized feeds and account takeover

CISA warns of a critical vulnerability (CVE-2026-1670) in multiple Honeywell CCTV models that allows an unauthenticated attacker to change the recovery email on a device account, enabling account takeover and unauthorized access to camera feeds; as of Feb 17 there were no known public exploits; mitigations include limiting network exposure, isolating devices behind firewalls, and using secure VPN remote access; Honeywell has not issued a public advisory and users should contact support for patch guidance.

via BleepingComputer|
#authentication-bypass#cctv#cisa
Decompiled Patch Diff Enables SmarterMail Admin Password Bypass (WT-2026-0001)
security1 month ago

Decompiled Patch Diff Enables SmarterMail Admin Password Bypass (WT-2026-0001)

Researchers detail WT-2026-0001 in SmarterMail, a pre-authentication admin password-reset bypass that can be triggered by calling a force-reset-password API with IsSysAdmin set to true, enabling admin access without verifying OldPassword and potentially yielding remote code execution via the Volume Mount feature. A PoC shows a JSON payload including IsSysAdmin, Username, and NewPassword. SmarterTools released patch 9511 on Jan 15, 2026 to fix the flaw, but exploitation was observed shortly after the patch, highlighting urgent need to upgrade. The patched flow enforces admin verification and old-password checks, mitigating this bypass; the report also notes the ongoing risk and how attackers monitor patches to exploit high-value targets.

via watchTowr Labs|
#authentication-bypass#password-reset#patch
IBM Issues Warning Over Critical API Connect Authentication Flaw
technology1 month ago

IBM Issues Warning Over Critical API Connect Authentication Flaw

IBM has disclosed a critical security flaw in API Connect (CVE-2025-13915) that allows remote attackers to bypass authentication and gain unauthorized access. The vulnerability affects specific versions and is rated 9.8/10 on CVSS. Users are advised to apply the available fixes promptly or disable self-service sign-up to mitigate risks.

via The Hacker News|
#api-connect#authentication-bypass#cve-2025-13915
"Critical Authentication Bypass Flaw Found in QNAP NAS Devices"
technology2 years ago

"Critical Authentication Bypass Flaw Found in QNAP NAS Devices"

QNAP has warned of critical vulnerabilities in its NAS software products that could allow attackers to access devices, including an authentication bypass flaw that can be executed remotely without authentication. The flaws impact various versions of QNAP's operating systems, and users are recommended to upgrade to specific versions to address the vulnerabilities. NAS devices are often targeted for data theft and extortion, so it's crucial for owners to keep their software updated and avoid exposing these devices to the internet.

via BleepingComputer|
#authentication-bypass#firmware-update#nas-devices
"Ransomware Gangs Exploit Critical JetBrains TeamCity Vulnerability"
cybersecurity2 years ago

"Ransomware Gangs Exploit Critical JetBrains TeamCity Vulnerability"

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of an actively exploited critical security flaw in JetBrains TeamCity On-Premises software, allowing for complete compromise of a server by a remote unauthenticated attacker. The vulnerability, tracked as CVE-2024-27198, has been used by threat actors to deliver ransomware and create rogue user accounts. Users are urged to apply updates immediately, with federal agencies required to patch their instances by March 28, 2024.

via The Hacker News|
#authentication-bypass#cisa#cybersecurity
"Urgent: Mass-Exploited Ivanti VPN Flaw Requires Immediate Patching"
cybersecurity2 years ago

"Urgent: Mass-Exploited Ivanti VPN Flaw Requires Immediate Patching"

Ivanti has disclosed a high-severity security flaw, CVE-2024-22024, affecting its Connect Secure, Policy Secure, and ZTA gateway devices, allowing attackers to bypass authentication. The company has released patches for the affected versions and urges users to apply them promptly, emphasizing the importance of addressing multiple security weaknesses that have surfaced this year. While there is no evidence of active exploitation, users are advised to take swift action due to the potential for broad abuse of these vulnerabilities.

via The Hacker News|
#authentication-bypass#cve-2024-22024#cybersecurity
"Urgent: Ivanti Vulnerabilities Under Mass Exploitation"
cybersecurity2 years ago

"Urgent: Ivanti Vulnerabilities Under Mass Exploitation"

Ivanti has warned of a new authentication bypass vulnerability (CVE-2024-22024) affecting its Connect Secure, Policy Secure, and ZTA gateways, urging immediate patching. The flaw allows remote attackers to access restricted resources without user interaction or authentication. Threat monitoring shows over 20,000 ICS VPN gateways exposed online, with Ivanti devices being heavily targeted in attacks. Security patches for the vulnerabilities were released on January 31, and Ivanti advises customers to factory reset vulnerable appliances before patching to block attackers' persistence.

via BleepingComputer|
#authentication-bypass#cybersecurity#ivanti
"Urgent Patch Required: Fortra GoAnywhere MFT Vulnerability Exploited"
cybersecurity2 years ago

"Urgent Patch Required: Fortra GoAnywhere MFT Vulnerability Exploited"

Fortra warns of a critical authentication bypass vulnerability, CVE-2024-0204, in GoAnywhere MFT versions before 7.4.1, allowing unauthorized creation of admin users. The flaw, discovered in December 2023, could lead to device takeover and data breaches. Fortra advises immediate patching to version 7.4.1 and provides manual mitigation steps. While no active exploitation has been reported, the potential for PoC exploits exists. This follows a previous incident where the Clop ransomware gang exploited a different flaw in GoAnywhere MFT, causing widespread data theft attacks on numerous organizations.

via BleepingComputer|
#authentication-bypass#cve-2024-0204#cybersecurity
"New Arcserve UDP Auth Bypass Vulnerability Exploit and PoC Published"
technology2 years ago

"New Arcserve UDP Auth Bypass Vulnerability Exploit and PoC Published"

Arcserve has addressed a high-severity security flaw in its Unified Data Protection (UDP) backup software that allows attackers to bypass authentication and gain admin privileges. The vulnerability, tracked as CVE-2023-26258, was discovered by security researchers and enables attackers on the local network to access the UDP admin interface by capturing SOAP requests containing AuthUUIDs to obtain valid administrator sessions. Arcserve has released UDP 9.1 to fix the vulnerability and recommends all users upgrade to this version. The flaw could potentially be used by threat actors to destroy data in ransomware attacks.

via BleepingComputer|
#arcserve#authentication-bypass#ransomware-protection