Common Weakness Enumeration

CWE-552

Allowed

Files or Directories Accessible to External Parties

Abstraction: Base · Status: Draft

The product makes files or directories accessible to unauthorized actors, even though they should not be.

670 vulnerabilities reference this CWE, most recent first.

GHSA-9493-8HW4-J4XF

Vulnerability from github – Published: 2022-02-09 00:00 – Updated: 2022-02-09 00:00
VLAI
Details

An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-23316"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-04T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file\u0026ctrl=download\u0026path=../../1.txt.",
  "id": "GHSA-9493-8hw4-j4xf",
  "modified": "2022-02-09T00:00:38Z",
  "published": "2022-02-09T00:00:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23316"
    },
    {
      "type": "WEB",
      "url": "https://github.com/taogogo/taocms/issues/15"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-953P-GRM5-8VPV

Vulnerability from github – Published: 2022-05-13 01:52 – Updated: 2022-05-13 01:52
VLAI
Details

Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects Firefox < 58.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-5112"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-06-11T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects Firefox \u003c 58.",
  "id": "GHSA-953p-grm5-8vpv",
  "modified": "2022-05-13T01:52:42Z",
  "published": "2022-05-13T01:52:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5112"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1425224"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3544-1"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2018-02"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102786"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1040270"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-96R9-8CRR-VWWP

Vulnerability from github – Published: 2026-05-11 21:31 – Updated: 2026-05-12 15:31
VLAI
Details

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-39871"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-11T21:19:00Z",
    "severity": "HIGH"
  },
  "details": "A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data.",
  "id": "GHSA-96r9-8crr-vwwp",
  "modified": "2026-05-12T15:31:35Z",
  "published": "2026-05-11T21:31:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39871"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127115"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127116"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127117"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-979H-W3GC-XRMQ

Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2026-06-29 15:31
VLAI
Details

A CWE-269: Improper Privilege Management vulnerability exists in EnerlinÕX ComÕX versions prior to V6.8.4 that could cause disclosure of device configuration information to any authenticated user when a specially crafted request is sent to the device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22769"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-11T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A CWE-269: Improper Privilege Management vulnerability exists in Enerlin\u00d5X Com\u00d5X versions prior to V6.8.4 that could cause disclosure of device configuration information to any authenticated user when a specially crafted request is sent to the device.",
  "id": "GHSA-979h-w3gc-xrmq",
  "modified": "2026-06-29T15:31:54Z",
  "published": "2022-05-24T22:28:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22769"
    },
    {
      "type": "WEB",
      "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-06"
    },
    {
      "type": "WEB",
      "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-98GJ-54M7-M5M8

Vulnerability from github – Published: 2022-01-29 00:00 – Updated: 2022-04-20 00:01
VLAI
Details

An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-21236"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-28T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.",
  "id": "GHSA-98gj-54m7-m5m8",
  "modified": "2022-04-20T00:01:44Z",
  "published": "2022-01-29T00:00:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21236"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1446"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-99CP-FCQX-FCJJ

Vulnerability from github – Published: 2022-01-11 00:00 – Updated: 2022-01-16 00:01
VLAI
Details

Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22269"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-10T14:12:00Z",
    "severity": "LOW"
  },
  "details": "Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address.",
  "id": "GHSA-99cp-fcqx-fcjj",
  "modified": "2022-01-16T00:01:05Z",
  "published": "2022-01-11T00:00:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22269"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-99W3-WM8P-H383

Vulnerability from github – Published: 2026-01-13 18:31 – Updated: 2026-01-14 15:32
VLAI
Details

phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in remove_file.php. The parameter file can cause any file to be deleted.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-69990"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-13T16:16:04Z",
    "severity": "CRITICAL"
  },
  "details": "phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in remove_file.php. The parameter file can cause any file to be deleted.",
  "id": "GHSA-99w3-wm8p-h383",
  "modified": "2026-01-14T15:32:58Z",
  "published": "2026-01-13T18:31:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69990"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Y4y17/CVE/blob/main/News%20Portal%20Project/File%20deletion%20vulnerability.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9CW6-XMV9-Q69P

Vulnerability from github – Published: 2022-05-24 17:42 – Updated: 2022-05-24 17:42
VLAI
Details

A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-1361"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-24T20:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.",
  "id": "GHSA-9cw6-xmv9-q69p",
  "modified": "2022-05-24T17:42:59Z",
  "published": "2022-05-24T17:42:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1361"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-9FVP-QC7G-XP2H

Vulnerability from github – Published: 2025-01-11 00:32 – Updated: 2025-01-11 00:32
VLAI
Details

Specially constructed queries targeting ETM could discover active remote access sessions

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-47518"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-10T22:15:26Z",
    "severity": "MODERATE"
  },
  "details": "Specially constructed queries targeting ETM could discover active remote access sessions",
  "id": "GHSA-9fvp-qc7g-xp2h",
  "modified": "2025-01-11T00:32:05Z",
  "published": "2025-01-11T00:32:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47518"
    },
    {
      "type": "WEB",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9GF6-5J7X-X3M9

Vulnerability from github – Published: 2023-06-26 00:30 – Updated: 2024-04-04 05:09
VLAI
Details

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-36664"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-25T22:15:21Z",
    "severity": "HIGH"
  },
  "details": "Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).",
  "id": "GHSA-9gf6-5j7x-x3m9",
  "modified": "2024-04-04T05:09:16Z",
  "published": "2023-06-26T00:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36664"
    },
    {
      "type": "WEB",
      "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706761"
    },
    {
      "type": "WEB",
      "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=0974e4f2ac0005d3731e0b5c13ebc7e965540f4d"
    },
    {
      "type": "WEB",
      "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=505eab7782b429017eb434b2b95120855f2b0e3c"
    },
    {
      "type": "WEB",
      "url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0974e4f2ac0005d3731e0b5c13ebc7e965540f4d"
    },
    {
      "type": "WEB",
      "url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=505eab7782b429017eb434b2b95120855f2b0e3c"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICXN5VPF3WJCYKMPSYER5KHTPJXSTJZ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5EWMEK2UPCUU3ZLL7VASE5CEHDQY4VKV"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICXN5VPF3WJCYKMPSYER5KHTPJXSTJZ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EWMEK2UPCUU3ZLL7VASE5CEHDQY4VKV"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202309-03"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5446"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.

CAPEC-150: Collect Data from Common Resource Locations

An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.

CAPEC-639: Probe System Files

An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.