CVE-2023-4178
9.8 CRITICALAuthentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows Authentication Bypass
Published: 2023-09-05 · Last updated: 2026-05-21
Severity and scoring
- CVSS
- 9.8 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-290
Affected products
| Vendor | Product |
|---|---|
| neutron | smart_vms |
Description
Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows Authentication Bypass. This issue affects Neutron Smart VMS: before b1130.1.0.1.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2023-6118 — Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal (7.5 HIGH)
Same CWE
- CVE-2026-53833 — OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders... (7.7 HIGH)
- CVE-2026-53832 — OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy id... (7.7 HIGH)
- CVE-2026-53823 — OpenClaw before 2026.5.3 contains a privilege escalation vulnerability in the allowFrom feature that binds to mutable Slack display names (8.1 HIGH)
- CVE-2026-5792 — Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc (6.5 MEDIUM)
- CVE-2026-53817 — OpenClaw before 2026.5.22 contains a locality validation vulnerability in Control UI pairing that allows attackers with network access to... (8.8 HIGH)