CVE-2025-47706 – Drupal Enterprise MFA – TFA Authentication Bypass by Capture-replay Vulnerability

May 14, 2025

CVE ID : CVE-2025-47706

Published : May 14, 2025, 5:15 p.m. | 1 hour, 51 minutes ago

Description : Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA – TFA for Drupal allows Remote Services with Stolen Credentials.This issue affects Enterprise MFA – TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47707 – Drupal Enterprise MFA – TFA Authentication Bypass

Next Article CVE-2025-47704 – Drupal Klaro Cookie & Consent Management Cross-Site Scripting (XSS)

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-47706 – Drupal Enterprise MFA – TFA Authentication Bypass by Capture-replay Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-5849 – Tenda AC15 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware

“We were too confident”: Steve Ballmer says Microsoft’s paranoia and overconfidence fumbled $400 billion in Windows Phone

CVE-2025-48269 – WPAdverts Cross-Site Scripting (XSS)

CVE-2025-47573 – Mojoomla School Management SQL Injection

June 2025: All AI updates from the past month

I’ve listed Minecraft’s best and worst moments from the last 16 years

CVE-2025-53489 – Wikimedia Foundation Mediawiki GoogleDocs4MW Extension Cross-Site Scripting (XSS)

CVE-2025-47706 – Drupal Enterprise MFA – TFA Authentication Bypass by Capture-replay Vulnerability

Related Posts