CWE-494

Download of Code Without Integrity Check

Abstraction: Base · Status: Draft · Likelihood of exploit: Medium

Description

The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the code in transit.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-184 · CAPEC-185 · CAPEC-186 · CAPEC-187 · CAPEC-533 · CAPEC-538 · CAPEC-657 · CAPEC-662 · CAPEC-691 · CAPEC-692 · CAPEC-693 · CAPEC-695

CVEs mapped to this weakness (62)

page 1 of 4
  • CVE-2025-56513 · Critical · Sep 30, 2025
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    NiceHash QuickMiner 6.12.0 performs software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update URL can hijack the update process and deliver arbitrary executables that are…

  • CVE-2025-28236 · Critical · Apr 18, 2025
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    Nautel VX Series transmitters running VX SW v6.4.0 and below were discovered to contain a remote code execution (RCE) vulnerability in the firmware update process. This vulnerability allows attackers to execute arbitrary code via supplying a crafted update package to the…

  • CVE-2023-41921 · Critical · Jul 2, 2024
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    A vulnerability allows attackers to download source code or an executable from a remote location and execute the code without sufficiently verifying the origin and integrity of the code. This vulnerability can allow attackers to modify the firmware before uploading it to the…

  • CVE-2016-6567 · Critical · Jul 13, 2018
    risk 0.64 · CVSS 9.8 · EPSS 0.03

    SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000 CPU boards, which according to the reporter may be used in some industrial control and embedded applications. The Resident Download Manager does not verify that the firmware is…

  • CVE-2002-0671 · Critical · Jul 23, 2002
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but cannot verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing.

  • CVE-2001-1125 · Critical · Oct 5, 2001
    risk 0.64 · CVSS 9.8 · EPSS 0.02

    Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site.

  • CVE-2026-3502 · High · KEV · Mar 30, 2026
    risk 0.63 · CVSS 7.8 · EPSS 0.06

    TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in…

  • CVE-2024-28878 · Critical · Apr 12, 2024
    risk 0.62 · CVSS 9.6 · EPSS 0.00

    IO-1020 Micro ELD downloads source code or an executable from an adjacent location and executes the code without sufficiently verifying the origin or integrity of the code.

  • CVE-2026-45058 · Critical · May 28, 2026
    risk 0.61 · CVSS n/a · EPSS 0.00

    electerm is an open-source terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookmark JSON files or who have electerm sync…

  • CVE-2026-9037 · Critical · May 28, 2026
    risk 0.60 · CVSS n/a · EPSS 0.00

    A firmware update mechanism in the affected charging controller fails to validate the authenticity of firmware packages delivered through the device's management interface. Because cryptographic signatures are not verified, an attacker with the ability to interfere with or…

  • CVE-2025-53696 · Critical · Jul 28, 2025
    risk 0.60 · CVSS n/a · EPSS 0.00

    iSTAR Ultra performs a firmware verification on boot; however, the verification does not inspect certain portions of the firmware. These firmware parts may contain malicious code. Tested up to firmware 6.9.2; later firmware versions may also be affected.

  • CVE-2025-27593 · Critical · Mar 14, 2025
    risk 0.60 · CVSS 9.3 · EPSS 0.00

    The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems.

  • CVE-2024-48974 · Critical · Nov 14, 2024
    risk 0.60 · CVSS 9.3 · EPSS 0.00

    The ventilator does not perform proper file integrity checks when adopting firmware updates. This makes it possible for an attacker to force unauthorized changes to the device's configuration settings and/or compromise device functionality by pushing a compromised/illegitimate…

  • CVE-2026-9089 · High · May 21, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update operations. This issue is addressed in Automate 2026.5.

  • CVE-2026-42249 · Critical · Apr 29, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker-controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers…

  • CVE-2026-42248 · Critical · Apr 29, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.00

    Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success so no digital signature or trust validation is…

  • CVE-2026-40066 · High · Apr 17, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded. The device unpacks and executes a script, resulting in unauthenticated remote code execution.

  • CVE-2026-34841 · Critical · Apr 6, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.00

    Bruno is an open source IDE for exploring and testing APIs. Prior to 3.2.1, Bruno was affected by a supply chain attack involving compromised versions of the axios npm package, which introduced a hidden dependency deploying a cross-platform Remote Access Trojan (RAT). Users of…

  • CVE-2025-53520 · High · Aug 8, 2025
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The affected product allows firmware updates to be downloaded from EG4's website, transferred via USB dongles, or installed through EG4's Monitoring Center (remote, cloud-connected interface) or via a serial connection, and can install these files without integrity checks.…

  • CVE-2025-7620 · High · Jul 14, 2025
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause the system to download and execute…