VYPR

CWE-494

Download of Code Without Integrity Check

BaseDraftLikelihood: Medium

Description

The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the code in transit.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-184 · CAPEC-185 · CAPEC-186 · CAPEC-187 · CAPEC-533 · CAPEC-538 · CAPEC-657 · CAPEC-662 · CAPEC-691 · CAPEC-692 · CAPEC-693 · CAPEC-695

CVEs mapped to this weakness (62)

page 2 of 4
  • CVE-2024-30206HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.00

    A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating…

  • CVE-2024-54126HigDec 5, 2024
    risk 0.55cvss epss 0.00

    This vulnerability exists in the TP-Link Archer C50 due to improper signature verification mechanism in the firmware upgrade process at its web interface. An attacker with administrative privileges within the router’s Wi-Fi range could exploit this vulnerability by uploading…

  • CVE-2025-1058HigFeb 13, 2025
    risk 0.53cvss 8.1epss 0.00

    CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the device inoperable when malicious firmware is downloaded.

  • CVE-2016-6564HigJul 13, 2018
    risk 0.53cvss 8.1epss 0.03

    Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This binary, which resides as…

  • CVE-2018-13012HigJun 29, 2018
    risk 0.53cvss 8.1epss 0.01

    Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting…

  • CVE-2008-3324HigAug 18, 2008
    risk 0.53cvss 8.1epss 0.01

    The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of updates, which allows remote man-in-the-middle attackers to execute arbitrary code via a Trojan horse update.

  • CVE-2008-3438HigAug 1, 2008
    risk 0.53cvss 8.1epss 0.01

    Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.

  • CVE-2025-52263HigOct 27, 2025
    risk 0.52cvss 8.0epss 0.00

    An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1.0.4 allows authenticated network-adjacent attackers to upload crafted firmware, leading to arbitrary code execution.

  • CVE-2025-9319HigSep 11, 2025
    risk 0.49cvss 7.5epss 0.00

    A potential vulnerability was reported in the Lenovo Wallpaper Client that could allow arbitrary code execution under certain conditions.

  • CVE-2024-52583HigNov 18, 2024
    risk 0.46cvss 8.2epss 0.00

    The WesHacks GitHub repository provides the official Hackathon competition website source code for the Muweilah Wesgreen Hackathon. The page `schedule.html` before 17 November 2024 or commit 93dfb83 contains links to `Leostop`, a site that hosts a malicious injected JavaScript…

  • CVE-2017-2707HigNov 22, 2017
    risk 0.46cvss 7.1epss 0.00

    Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send…

  • CVE-2026-30603MedApr 2, 2026
    risk 0.44cvss 6.8epss 0.00

    An issue in the firmware update mechanism of Qianniao QN-L23PA0904 v20250721.1640 allows attackers to gain root access, install backdoors, and exfiltrate data via supplying a crafted iu.sh script contained in an SD card.

  • CVE-2026-42575HigMay 9, 2026
    risk 0.42cvss 7.5epss 0.00

    apko allows users to build and publish OCI container images built from apk packages. Prior to version 1.2.7, apko verifies the signature on APKINDEX.tar.gz but never compares individually downloaded .apk packages against the checksum recorded in the signed index. The checksum is…

  • CVE-2025-11182MedOct 2, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Download of Code Without Integrity Check vulnerability in GTONE ChangeFlow allows Path Traversal.This issue affects ChangeFlow: All versions to v9.0.1.1.

  • CVE-2017-12740MedDec 26, 2017
    risk 0.38cvss 5.9epss 0.01

    Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software packages downloaded via an unprotected communication channel. This could allow a remote attacker to manipulate the software package while performing a Man-in-the-Middle (MitM) attack.

  • CVE-2026-3428MedApr 16, 2026
    risk 0.35cvss epss 0.00

    A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center(华硕大厅) allows a local user to achieve privilege escalation to Administrator via exploitation of a Time-of-check Time-of-use (TOC-TOU) during the update process, where an…

  • CVE-2025-15575MedFeb 12, 2026
    risk 0.34cvss 5.3epss 0.00

    The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks…

  • CVE-2026-32148MedApr 30, 2026
    risk 0.31cvss 5.9epss 0.00

    Insufficient Verification of Data Authenticity vulnerability in hexpm hex (Hex.RemoteConverger module) allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked…

  • CVE-2025-10539MedApr 28, 2026
    risk 0.31cvss 4.8epss 0.00

    Due to improper TLS certificate validation in the DeskTime Time Tracking App before version 1.3.674, attackers who can position themselves in the network path between the client and the DeskTime update servers can return a malicious executable in response to an update request.…

  • CVE-2018-14620MedSep 10, 2018
    risk 0.31cvss 4.7epss 0.01

    The OpenStack RabbitMQ container image insecurely retrieves the rabbitmq_clusterer component over HTTP during the build stage. This could potentially allow an attacker to serve malicious code to the image builder and install in the resultant container image. Version of…