How severe is CVE-2014-125057?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2014-125057?

This is classified as CWE-697, which is a common weakness in software security.

CVE-2014-125057

CRITICAL Year: 2014

CVSS v3 Score

9.8

Critical

CVSS v2 Score

2.1

Low

Weakness Type

CWE-697

View all →

Vulnerability Description

A vulnerability was found in mrobit robitailletheknot. It has been classified as problematic. This affects an unknown part of the file app/filters.php of the component CSRF Token Handler. The manipulation of the argument _token leads to incorrect comparison. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The patch is named 6b2813696ccb88d0576dfb305122ee880eb36197. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217599.

CVE-2020-23359

CRITICAL

CVSS:9.8(Critical)

WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. Two non-identical passwords can ...

CWE-6972020

CVE-2020-23360

CRITICAL

CVSS:9.8(Critical)

oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/passwo...

CWE-6972020

CVE-2021-35973

CRITICAL

CVSS:9.8(Critical)

NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the &currents...

CWE-6972021

CVE-2021-3833

CRITICAL

CVSS:9.8(Critical)

Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database. An attacker with a specific formatted pass...

CWE-6972021

CVE-2021-44971

CRITICAL

CVSS:9.8(Critical)

Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, ...

CWE-6972021

CVE-2022-47034

CRITICAL

CVSS:9.8(Critical)

A type juggling vulnerability in the component /auth/fn.php of PlaySMS v1.4.5 and earlier allows attackers to bypass authentication.

CWE-6972022

CVE-2014-125057

Vulnerability Description

Related Vulnerabilities

CVE-2020-23359

CVE-2020-23360

CVE-2021-35973

CVE-2021-3833

CVE-2021-44971

CVE-2022-47034