CWE-276
Incorrect Default Permissions
Abstraction: Base
Status: Draft
Likelihood of Exploit: Medium
Description
During installation, installed file permissions are set to allow anyone to modify those files.
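The following is an added example, not code from the CWE entry or from any product listed below. It shows the defect on a POSIX filesystem: an installer that leaves its directory and service binary world-writable, beside a fixed installer that sets explicit modes under a known umask, plus an audit routine that walks an install tree and reports every entry "other" can write to. The audit checks directories as well as files, because a world-writable parent directory lets a low-privileged user rename or replace a binary whose own mode is tight (the "insecure folder permissions" pattern in the CVE-2020-37129 entry below). The directory names `vuln-app` and `fixed-app`, the file `service.bin` and its contents are constructed for the demonstration.

```python
"""CWE-276 demonstration and audit on POSIX: insecure installer, fixed installer, checker."""
import os
import stat
import tempfile

# Constructed stand-in for an installed service binary (not a real product's file).
SERVICE_BYTES = b"#!/bin/sh\necho 'service running'\n"


def install_insecure(dest_dir: str) -> str:
    """Installer with the CWE-276 defect: directory and binary are left world-writable."""
    app_dir = os.path.join(dest_dir, "vuln-app")
    os.makedirs(app_dir, exist_ok=True)
    os.chmod(app_dir, 0o777)            # any local user can rename/replace entries in here
    path = os.path.join(app_dir, "service.bin")
    with open(path, "wb") as f:
        f.write(SERVICE_BYTES)
    os.chmod(path, 0o777)               # ... and can overwrite the binary in place
    return path


def install_secure(dest_dir: str) -> str:
    """Same installer with explicit least-privilege modes applied at creation time."""
    app_dir = os.path.join(dest_dir, "fixed-app")
    old_umask = os.umask(0o022)         # never rely on the umask the installer inherited
    try:
        os.makedirs(app_dir, mode=0o755, exist_ok=True)
        path = os.path.join(app_dir, "service.bin")
        # O_CREAT with an explicit mode: the file never exists in a group/world-writable state
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o755)
        with os.fdopen(fd, "wb") as f:
            f.write(SERVICE_BYTES)
    finally:
        os.umask(old_umask)
    os.chmod(app_dir, 0o755)            # makedirs' mode is masked and skipped if the dir existed
    os.chmod(path, 0o755)
    return path


def world_writable_findings(root: str) -> list[tuple[str, str, str]]:
    """Walk root and report every file or directory that 'other' may write to.

    Returns (path relative to root, octal mode, reason). Symlinks are skipped because
    their own mode bits are not enforced; the target's are. A sticky world-writable
    directory (like /tmp) is still reported, since anyone can create files there,
    but the reason says the sticky bit limits deleting or renaming others' entries.
    """
    root = os.path.abspath(root)
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths.extend(os.path.join(dirpath, name) for name in dirnames + filenames)
    findings = []
    for path in paths:
        mode = os.lstat(path).st_mode
        if stat.S_ISLNK(mode) or not mode & stat.S_IWOTH:
            continue
        rel = os.path.relpath(path, root)
        if stat.S_ISDIR(mode):
            if mode & stat.S_ISVTX:
                reason = ("world-writable directory: any user can create files; "
                          "sticky bit blocks deleting/renaming others' entries")
            else:
                reason = "world-writable directory: any user can rename or replace every entry in it"
        else:
            reason = "world-writable file: any user can overwrite its contents"
        findings.append((rel, oct(stat.S_IMODE(mode)), reason))
    return findings


def demo() -> dict[str, int]:
    """Run both installers into a scratch directory and count findings for each tree."""
    with tempfile.TemporaryDirectory() as scratch:
        bad = install_insecure(scratch)
        good = install_secure(scratch)
        return {
            "insecure": len(world_writable_findings(os.path.dirname(bad))),
            "secure": len(world_writable_findings(os.path.dirname(good))),
        }


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as scratch:
        for installer in (install_insecure, install_secure):
            tree = os.path.dirname(installer(scratch))
            print(f"{installer.__name__}: {tree}")
            for rel, mode, reason in world_writable_findings(tree) or []:
                print(f"  {rel} {mode} {reason}")
```

Running `world_writable_findings` over a real install prefix (for example the directory a service executable lives in, and every directory on the path to it) is the quick check for this weakness; on Windows the equivalent is inspecting the DACL for write or full-control ACEs granted to Users, Authenticated Users or Everyone, which this POSIX-only example does not do.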
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-1 · CAPEC-127 · CAPEC-81
CVEs mapped to this weakness (273)
Page 1 of 14

| CVE | Severity | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-0632 | Critical | 0.86 | 9.8 | 0.93 | KEV | Jan 17, 2013 | administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative web interface, as exploited in the wild in January 2013. |
| CVE-1999-0426 | Critical | 0.67 | 9.8 | 0.08 | | Mar 1, 1999 | The default permissions of /dev/kmem in Linux versions before 2.0.36 allow IP spoofing. |
| CVE-2020-37129 | Critical | 0.64 | 9.8 | 0.00 | | Feb 5, 2026 | Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a malicious file during system restart to gain SYSTEM-level privileges by exploiting unrestricted file modification permissions. |
| CVE-2025-8031 | Critical | 0.64 | 9.8 | 0.00 | | Jul 22, 2025 | The `username:password` part was not correctly stripped from URLs in CSP reports, potentially leaking HTTP Basic Authentication credentials. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1. |
| CVE-2025-40585 | Critical | 0.64 | 9.9 | 0.00 | | Jun 10, 2025 | A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentials. This could allow an attacker to gain control of the G5DFR component and tamper with outputs from the device. |
| CVE-2025-30465 | Critical | 0.64 | 9.8 | 0.00 | | Mar 31, 2025 | A permissions issue was addressed with improved validation. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sequoia 15.7.2, macOS Sonoma 14.7.5, macOS Sonoma 14.8.2, macOS Tahoe 26.1, macOS Ventura 13.7.5. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app. |
| CVE-2025-24238 | Critical | 0.64 | 9.8 | 0.00 | | Mar 31, 2025 | A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to gain elevated privileges. |
| CVE-2025-24207 | Critical | 0.64 | 9.8 | 0.00 | | Mar 31, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to enable iCloud storage features without user consent. |
| CVE-2025-24195 | Critical | 0.64 | 9.8 | 0.00 | | Mar 31, 2025 | An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A user may be able to elevate privileges. |
| CVE-2025-24172 | Critical | 0.64 | 9.8 | 0.00 | | Mar 31, 2025 | A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. "Block All Remote Content" may not apply for all mail previews. |
| CVE-2025-25535 | Critical | 0.64 | 9.8 | 0.01 | | Mar 26, 2025 | HTTP Response Manipulation in SCRIPT CASE v.1.0.002 Build7 allows a remote attacker to escalate privileges via a crafted request. |
| CVE-2024-56525 | Critical | 0.64 | 9.8 | 0.00 | | Feb 24, 2025 | In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor role can create a new role as super admin in the journal context, and insert a backdoor plugin, by uploading a crafted XML document as a User XML Plugin. |
| CVE-2025-24093 | Critical | 0.64 | 9.8 | 0.00 | | Jan 27, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access removable volumes without user consent. |
| CVE-2024-45494 | Critical | 0.64 | 9.8 | 0.00 | | Dec 10, 2024 | An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 (fixed in 7.0.0). The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected firmware versions. |
| CVE-2024-54751 | Critical | 0.64 | 9.8 | 0.00 | | Dec 10, 2024 | COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. |
| CVE-2024-51051 | Critical | 0.64 | 9.8 | 0.00 | | Nov 18, 2024 | AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account. |
| CVE-2023-27195 | Critical | 0.64 | 9.8 | 0.00 | | Nov 8, 2024 | Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tm_ajax.msw?func=UserfromUUID&uuid= to retrieve the last registration access code and use this access code to register a valid account via a PUT /inc/tm_ajax.msw request. If the access code was used to create an Administrator account, attackers are also able to register new Administrator accounts with full privileges. |
| CVE-2024-48823 | Critical | 0.64 | 9.8 | 0.01 | | Oct 14, 2024 | Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page. |
| CVE-2024-27144 | Critical | 0.64 | 9.8 | 0.02 | | Jun 14, 2024 | The Toshiba printers provide several ways to upload files using the web interface without authentication. An attacker can overwrite any insecure files, and the printers are also vulnerable to local privilege escalation: programs can be replaced by malicious programs by any local or remote attacker, so an attacker can remotely compromise any Toshiba printer. This vulnerability is exploited in combination with other vulnerabilities and is difficult to exploit alone, so the CVSS score for this vulnerability by itself is lower than the listed "Base Score". For details on the related vulnerabilities, use the contact point at https://www.toshibatec.com/contacts/products/. For the affected products/models/versions, see the reference URL. |
| CVE-2006-5014 | High | 0.60 | 8.8 | 0.03 | | Sep 27, 2006 | Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin. |