VYPR

CWE-276

Incorrect Default Permissions

Base · Draft · Likelihood: Medium

Description

During installation, installed file permissions are set to allow anyone to modify those files.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-127 · CAPEC-81

CVEs mapped to this weakness (474), page 3 of 24

  • CVE-2024-46624 · High · Dec 3, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users.

  • CVE-2024-11969 · High · Nov 28, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder permissions vulnerability. A normal (non-admin) user could exploit the weakness in file and folder permissions to escalate privileges, execute arbitrary code and maintain persistence…

  • CVE-2024-51162 · High · Nov 20, 2024
    risk 0.57 · cvss 8.8 · epss 0.01

    An issue in Audimex EE versions 15.1.20 and earlier allowing a remote attacker to escalate privileges. Analyzing the offline client code, it was identified that it is possible for any user (with any privilege) of Audimex to dump the whole Audimex database. This gives visibility…

  • CVE-2024-48292 · High · Nov 18, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total Security v24.0 allows authenticated attackers to escalate privileges.

  • CVE-2020-11921 · High · Nov 7, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    An issue was discovered in Lush 2 through 2020-02-25. Due to the lack of Bluetooth traffic encryption, it is possible to hijack an ongoing Bluetooth connection between the Lush 2 and a mobile phone. This allows an attacker to gain full control over the device.

  • CVE-2019-20458 · High · Nov 7, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device comes (and functions) without a password. The user is at no point prompted to set up a password on the device (leaving a number of devices without a password). In this case,…

  • CVE-2024-42028 · High · Oct 28, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server.

  • CVE-2024-48822 · High · Oct 14, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    Privilege escalation in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php page.

  • CVE-2024-3904 · High · Jul 4, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker…

  • CVE-2023-4664 · High · Sep 15, 2023
    risk 0.57 · cvss 8.8 · epss 0.01

    Incorrect Default Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation. This issue affects Saphira Connect: before 9.

  • CVE-2018-10605 · High · Oct 1, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU.

  • CVE-2018-10604 · High · Jul 24, 2018
    risk 0.57 · cvss 8.8 · epss 0.02

    SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution.

  • CVE-2017-16522 · High · Nov 3, 2017
    risk 0.57 · cvss 8.8 · epss 0.03

    MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute.

  • CVE-2017-12230 · High · Sep 29, 2017
    risk 0.57 · cvss 8.8 · epss 0.03

    A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due to incorrect default permission settings for new users who are created by using…

  • CVE-2025-44643 · High · Aug 4, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with…

  • CVE-2018-11454 · High · Aug 7, 2018
    risk 0.56 · cvss 8.6 · epss 0.00

    A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions…

  • CVE-2018-25359 · High · May 25, 2026
    risk 0.55 · cvss 8.4 · epss 0.00

    Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a…

  • CVE-2026-0432 · High · May 15, 2026
    risk 0.55 · cvss (not given) · epss 0.00

    Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.

  • CVE-2026-0539 · High · Apr 22, 2026
    risk 0.55 · cvss (not given) · epss 0.00

    Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This…

  • CVE-2025-8432 · High · Oct 27, 2025
    risk 0.55 · cvss 8.4 · epss 0.00

    Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by CentreonBI user account on the MBI server This issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from…