CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1912 vulnerabilities reference this CWE, most recent first.
GHSA-WM93-QJX4-VMF3
Vulnerability from github – Published: 2025-05-17 06:30 – Updated: 2025-05-17 06:30A vulnerability classified as problematic has been found in y_project RuoYi 4.8.0. Affected is an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-4819"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-17T06:15:19Z",
"severity": "LOW"
},
"details": "A vulnerability classified as problematic has been found in y_project RuoYi 4.8.0. Affected is an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-wm93-qjx4-vmf3",
"modified": "2025-05-17T06:30:28Z",
"published": "2025-05-17T06:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4819"
},
{
"type": "WEB",
"url": "https://github.com/chujianxin0101/vuln/issues/4"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.309276"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.309276"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.574443"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-WP93-PRX6-VQJM
Vulnerability from github – Published: 2025-03-20 18:30 – Updated: 2025-03-20 18:30A vulnerability, which was classified as problematic, has been found in D-Link DIR-618 and DIR-605L 2.02/3.02. This issue affects some unknown processing of the file /goform/formAdvNetwork. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
{
"affected": [],
"aliases": [
"CVE-2025-2547"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-20T16:15:16Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as problematic, has been found in D-Link DIR-618 and DIR-605L 2.02/3.02. This issue affects some unknown processing of the file /goform/formAdvNetwork. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.",
"id": "GHSA-wp93-prx6-vqjm",
"modified": "2025-03-20T18:30:30Z",
"published": "2025-03-20T18:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2547"
},
{
"type": "WEB",
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formAdvNetwork-1b153a41781f80109325dbc96ffc0295?pvs=4"
},
{
"type": "WEB",
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formAdvNetwork-1b053a41781f8085a4e8d3c1d1de5f56?pvs=4"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.300161"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.300161"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.516789"
},
{
"type": "WEB",
"url": "https://www.dlink.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-WQ3X-7666-HHGC
Vulnerability from github – Published: 2024-12-16 18:31 – Updated: 2026-04-01 18:32Incorrect Privilege Assignment vulnerability in Straightvisions GmbH SV100 Companion allows Privilege Escalation.This issue affects SV100 Companion: from n/a through 2.0.02.
{
"affected": [],
"aliases": [
"CVE-2024-54229"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-16T16:15:07Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in Straightvisions GmbH SV100 Companion allows Privilege Escalation.This issue affects SV100 Companion: from n/a through 2.0.02.",
"id": "GHSA-wq3x-7666-hhgc",
"modified": "2026-04-01T18:32:52Z",
"published": "2024-12-16T18:31:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54229"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/sv100-companion/vulnerability/wordpress-sv100-companion-plugin-2-0-02-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WQ88-JH9G-6H88
Vulnerability from github – Published: 2025-07-14 06:30 – Updated: 2025-07-14 06:30A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 and classified as critical. Affected by this issue is some unknown functionality of the file /priv/production/production.html of the component Production Tools. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-7576"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-14T06:15:28Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 and classified as critical. Affected by this issue is some unknown functionality of the file /priv/production/production.html of the component Production Tools. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-wq88-jh9g-6h88",
"modified": "2025-07-14T06:30:31Z",
"published": "2025-07-14T06:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7576"
},
{
"type": "WEB",
"url": "https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Production_html_Management_Backend_Unauthorized_Access.md"
},
{
"type": "WEB",
"url": "https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Production_html_Management_Backend_Unauthorized_Access.md#poc"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.316274"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.316274"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.609549"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-WQJ4-2VW3-C5JW
Vulnerability from github – Published: 2025-05-23 15:31 – Updated: 2026-04-01 18:35Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation. This issue affects Eventin: from n/a through 4.0.26.
{
"affected": [],
"aliases": [
"CVE-2025-47539"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-23T13:15:39Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation. This issue affects Eventin: from n/a through 4.0.26.",
"id": "GHSA-wqj4-2vw3-c5jw",
"modified": "2026-04-01T18:35:15Z",
"published": "2025-05-23T15:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47539"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/wp-event-solution/vulnerability/wordpress-eventin-4-0-26-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WR39-F7RR-44J9
Vulnerability from github – Published: 2025-09-04 21:31 – Updated: 2025-09-05 18:31In multiple locations, there is a possible way to overlay biometrics due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2025-48528"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-04T19:15:38Z",
"severity": "MODERATE"
},
"details": "In multiple locations, there is a possible way to overlay biometrics due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-wr39-f7rr-44j9",
"modified": "2025-09-05T18:31:19Z",
"published": "2025-09-04T21:31:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48528"
},
{
"type": "WEB",
"url": "https://android.googlesource.com/platform/frameworks/base/+/ca71b9a63c40ef3fa741c76a2835146283fbb69a"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WR4J-HG4G-74FM
Vulnerability from github – Published: 2026-07-10 18:32 – Updated: 2026-07-13 18:30A vulnerability was determined in Eleveo Call Recording Software 9.7.0. Affected by this vulnerability is an unknown functionality of the file /callrec/sendlogfile. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-15377"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-10T17:16:54Z",
"severity": "LOW"
},
"details": "A vulnerability was determined in Eleveo Call Recording Software 9.7.0. Affected by this vulnerability is an unknown functionality of the file /callrec/sendlogfile. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-wr4j-hg4g-74fm",
"modified": "2026-07-13T18:30:29Z",
"published": "2026-07-10T18:32:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15377"
},
{
"type": "WEB",
"url": "https://drive.google.com/file/d/1qnAoRYVrMeB4fhtLV4XFZOVrzVM3UeHx/view?usp=sharing"
},
{
"type": "WEB",
"url": "https://github.com/omarelshopky/cves/tree/main/eleveo/call-recording-software/CVE-2026-15377"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-15377"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/797462"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/377444"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/377444/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-WV45-CW2M-63R8
Vulnerability from github – Published: 2025-08-22 15:33 – Updated: 2025-08-22 18:31MCSManager 10.5.3 daemon process runs as a root account by default, and its sensitive data (including tokens and terminal content) is stored in the data directory, readable by all users. Other users on the system can read the daemon's key and use it to log in, leading to privilege escalation.
{
"affected": [],
"aliases": [
"CVE-2025-50691"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-22T14:15:46Z",
"severity": "MODERATE"
},
"details": "MCSManager 10.5.3 daemon process runs as a root account by default, and its sensitive data (including tokens and terminal content) is stored in the data directory, readable by all users. Other users on the system can read the daemon\u0027s key and use it to log in, leading to privilege escalation.",
"id": "GHSA-wv45-cw2m-63r8",
"modified": "2025-08-22T18:31:20Z",
"published": "2025-08-22T15:33:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50691"
},
{
"type": "WEB",
"url": "https://github.com/MCSManager/MCSManager/pull/1596"
},
{
"type": "WEB",
"url": "https://github.com/bddjr/bddjr/discussions/9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WVH6-GQ7G-CQ47
Vulnerability from github – Published: 2023-06-22 03:30 – Updated: 2024-04-04 04:59IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls. IBM X-Force ID: 251767.
{
"affected": [],
"aliases": [
"CVE-2023-28956"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-22T02:15:48Z",
"severity": "HIGH"
},
"details": "IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls. IBM X-Force ID: 251767.",
"id": "GHSA-wvh6-gq7g-cq47",
"modified": "2024-04-04T04:59:40Z",
"published": "2023-06-22T03:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28956"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/251767"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7005519"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WW29-P4P9-HMQP
Vulnerability from github – Published: 2025-03-30 18:30 – Updated: 2025-03-30 18:30A vulnerability has been found in TOTOLINK A3000RU up to 5.9c.5185 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/ExportIbmsConfig.sh of the component IBMS Configuration File Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-2955"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-30T18:15:14Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been found in TOTOLINK A3000RU up to 5.9c.5185 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/ExportIbmsConfig.sh of the component IBMS Configuration File Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-ww29-p4p9-hmqp",
"modified": "2025-03-30T18:30:24Z",
"published": "2025-03-30T18:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2955"
},
{
"type": "WEB",
"url": "https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3000RU-ExportIbmsConfig-1b953a41781f80b89397e8c34717eb94?pvs=4"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.302008"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.302008"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.521567"
},
{
"type": "WEB",
"url": "https://www.totolink.net"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.