CVE-2024-1202
9.8 CRITICALAuthentication Bypass by Primary Weakness vulnerability in XPodas Octopod allows Authentication Bypass
Published: 2024-03-21 · Last updated: 2026-06-03
Severity and scoring
- CVSS
- 9.8 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-305
Description
Authentication Bypass by Primary Weakness vulnerability in XPodas Octopod allows Authentication Bypass. This issue affects Octopod: before v1. NOTE: The vendor was contacted and it was learned that the product is not supported.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2025-7064 — Authentication bypass by primary weakness vulnerability in ABB Freelance (6.6 MEDIUM)
- CVE-2026-25555 — OpenBullet2 through version 0.3.2 contains an authentication bypass vulnerability in the API key authentication middleware that allows un... (9.8 CRITICAL)
- CVE-2026-9798 — A flaw was found in Keycloak, an open-source identity and access management solution (4.3 MEDIUM)
- CVE-2026-41054 — In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`) (7.8 HIGH)
- CVE-2026-6334 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce client identity binding during the OAuth authorization code red... (3.1 LOW)