Weaknesses of type CWE-294
153 resultsCVE-2025-69197MEDIUMPterodactyl TOTPs can be reused during validity windowEPSS 0.3%CVE-2024-37016MEDIUMMengshen Wireless Door Alarm M70 2024-05-24 allows Authentication Bypass via a Capture-Replay approach.EPSS 0.3%CVE-2023-36857MEDIUMBaker Hughes Bently Nevada 3500 System Authentication Bypass by Capture-replayEPSS 0.3%CVE-2023-39373HIGH Hyundai car CWE-294: Authentication Bypass by Capture-replay EPSS 0.3%CVE-2025-35057MEDIUMNewforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashxEPSS 0.3%CVE-2026-9095HIGHCVE-2026-9095EPSS 0.3%CVE-2024-22066HIGHThere is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use theEPSS 0.3%CVE-2026-9398LOWBesen BS20 EV Charging Station BLE/WiFi authentication replayEPSS 0.3%CVE-2024-52534MEDIUMDell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker wiEPSS 0.3%CVE-2011-20002HIGHA vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) (All versions < V2.0.2), SIMATIC S7-1200 CPU V2EPSS 0.3%CVE-2026-4583LOWShenzhen HCC Technology MPOS M6 PLUS Bluetooth authentication replayEPSS 0.3%CVE-2023-31759HIGHWeak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack.EPSS 0.3%CVE-2023-31762HIGHWeak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a cEPSS 0.3%CVE-2023-31763HIGHWeak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access to the system via a code replay attack.EPSS 0.3%CVE-2023-31761HIGHWeak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows attackers to gain full access to the system via EPSS 0.3%CVE-2024-43099HIGHAutomationDirect DirectLogic H2-DM1E Authentication Bypass by Capture-replayEPSS 0.3%CVE-2026-35618HIGHOpenClaw < 2026.3.23 - Replay Identity Drift via Query-Only Variants in Plivo V2 VerificationEPSS 0.3%CVE-2023-46892HIGHThe radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record EPSS 0.3%CVE-2026-28787HIGHOneUptime has WebAuthn 2FA bypass: server accepts client-supplied challenge instead of server-stored value, allowing credential replayEPSS 0.3%CVE-2026-28449MEDIUMOpenClaw < 2026.2.25 - Webhook Replay Attack via Missing Durable Replay SuppressionEPSS 0.3%