CWE-732
Incorrect Permission Assignment for Critical Resource
Description
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-1 · CAPEC-122 · CAPEC-127 · CAPEC-17 · CAPEC-180 · CAPEC-206 · CAPEC-234 · CAPEC-60 · CAPEC-61 · CAPEC-62 · CAPEC-642
CVEs mapped to this weakness (623)
page 1 of 32| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-15379 | Cri | 0.74 | 9.8 | 0.86 | Oct 5, 2018 | A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of… | ||
| CVE-2014-125121 | Cri | 0.73 | — | 0.01 | Jul 31, 2025 | Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script. The devices ship with a… | ||
| CVE-2017-20198 | Cri | 0.69 | — | 0.01 | Jul 23, 2025 | The Marathon UI in DC/OS < 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem (/) with read/write privileges. When using a… | ||
| CVE-2017-16885 | Cri | 0.69 | 9.8 | 0.33 | Jan 12, 2018 | Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. The information includes Version… | ||
| CVE-2018-10285 | Cri | 0.68 | 9.8 | 0.13 | Apr 22, 2018 | The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication. | ||
| CVE-2017-9602 | Cri | 0.67 | 9.8 | 0.04 | Jun 16, 2017 | KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through this functionality, a user can upload an ASPX script… | ||
| CVE-2026-9508 | Cri | 0.65 | — | 0.00 | May 29, 2026 | Incorrect permission settings on a critical resource in Suprema BioStar 2 (versions 2.9.3 through 2.9.11) that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network… | ||
| CVE-2025-14988 | — | Cri | 0.65 | — | 0.00 | Jan 27, 2026 | A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the system. | |
| CVE-2025-69426 | Cri | 0.65 | — | 0.00 | Jan 9, 2026 | The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an initialization script. The SSH service is network-accessible without IP-based restrictions. Although the configuration disables… | ||
| CVE-2025-12004 | Cri | 0.65 | — | 0.00 | Oct 21, 2025 | Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation Mediawiki - Lockdown Extension allows Privilege Abuse. Fixed in Mediawiki Core Action APIThis issue affects Mediawiki - Lockdown Extension: from master before 1.42. | ||
| CVE-2018-1000226 | — | Cri | 0.65 | 9.8 | 0.12 | Aug 20, 2018 | Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API (/cobbler_api) that can result in Privilege escalation,… | |
| CVE-2025-8042 | Cri | 0.64 | 9.8 | 0.00 | Aug 19, 2025 | Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability was fixed in Firefox 141. | ||
| CVE-2025-43243 | Cri | 0.64 | 9.8 | 0.01 | Jul 30, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system. | ||
| CVE-2025-25373 | Cri | 0.64 | 9.8 | 0.00 | Mar 25, 2025 | The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions, which can be exploited to gain an RCE on the platform. | ||
| CVE-2024-10018 | Cri | 0.64 | 9.8 | 0.00 | Oct 16, 2024 | Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component. | ||
| CVE-2024-9142 | Cri | 0.64 | 9.8 | 0.00 | Sep 25, 2024 | External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls. This issue affects e-Belediye: before 2.0.642. | ||
| CVE-2024-8039 | Cri | 0.64 | 9.8 | 0.00 | Sep 14, 2024 | Improper permission configurationDomain configuration vulnerability of the mobile application (com.afmobi.boomplayer) can lead to account takeover risks. | ||
| CVE-2024-5618 | Cri | 0.64 | 9.9 | 0.00 | Jul 18, 2024 | Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Apinizer Management Console: before 2024.05.1. | ||
| CVE-2024-5163 | Cri | 0.64 | 9.8 | 0.01 | Jun 17, 2024 | Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security risks. | ||
| CVE-2024-33435 | Cri | 0.64 | 9.8 | 0.01 | Apr 29, 2024 | Insecure Permissions vulnerability in Guangzhou Yingshi Electronic Technology Co. Ncast Yingshi high-definition intelligent recording and playback system 2007-2017 allows a remote attacker to execute arbitrary code via the /manage/IPSetup.php backend function |
- risk 0.74cvss 9.8epss 0.86
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of…
- risk 0.73cvss —epss 0.01
Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script. The devices ship with a…
- risk 0.69cvss —epss 0.01
The Marathon UI in DC/OS < 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem (/) with read/write privileges. When using a…
- risk 0.69cvss 9.8epss 0.33
Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. The information includes Version…
- risk 0.68cvss 9.8epss 0.13
The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication.
- risk 0.67cvss 9.8epss 0.04
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through this functionality, a user can upload an ASPX script…
- risk 0.65cvss —epss 0.00
Incorrect permission settings on a critical resource in Suprema BioStar 2 (versions 2.9.3 through 2.9.11) that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network…
- risk 0.65cvss —epss 0.00
A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the system.
- risk 0.65cvss —epss 0.00
The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an initialization script. The SSH service is network-accessible without IP-based restrictions. Although the configuration disables…
- risk 0.65cvss —epss 0.00
Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation Mediawiki - Lockdown Extension allows Privilege Abuse. Fixed in Mediawiki Core Action APIThis issue affects Mediawiki - Lockdown Extension: from master before 1.42.
- risk 0.65cvss 9.8epss 0.12
Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API (/cobbler_api) that can result in Privilege escalation,…
- risk 0.64cvss 9.8epss 0.00
Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability was fixed in Firefox 141.
- risk 0.64cvss 9.8epss 0.01
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.
- risk 0.64cvss 9.8epss 0.00
The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions, which can be exploited to gain an RCE on the platform.
- risk 0.64cvss 9.8epss 0.00
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component.
- risk 0.64cvss 9.8epss 0.00
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls. This issue affects e-Belediye: before 2.0.642.
- risk 0.64cvss 9.8epss 0.00
Improper permission configurationDomain configuration vulnerability of the mobile application (com.afmobi.boomplayer) can lead to account takeover risks.
- risk 0.64cvss 9.9epss 0.00
Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Apinizer Management Console: before 2024.05.1.
- risk 0.64cvss 9.8epss 0.01
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security risks.
- risk 0.64cvss 9.8epss 0.01
Insecure Permissions vulnerability in Guangzhou Yingshi Electronic Technology Co. Ncast Yingshi high-definition intelligent recording and playback system 2007-2017 allows a remote attacker to execute arbitrary code via the /manage/IPSetup.php backend function