
CWE-266 (Incorrect Privilege Assignment) - Vulnerability Class (382 CVEs)

382 vulnerabilities are classified as CWE-266 (Incorrect Privilege Assignment). An AI-generated analysis in Chinese is included.

CWE-266 represents a critical access control weakness where software incorrectly assigns privileges to an actor, granting them an unintended sphere of control. This flaw typically arises from flawed logic in role-based or discretionary access control mechanisms, allowing users to perform actions beyond their authorized scope. Attackers exploit this by manipulating input parameters or session tokens to escalate privileges, effectively bypassing security boundaries to access sensitive data or execute administrative functions. To prevent such vulnerabilities, developers must implement robust, centralized authorization checks that verify permissions at every critical point of execution rather than relying on client-side validations. Adhering to the principle of least privilege ensures that actors receive only the minimum access necessary for their specific tasks. Rigorous code reviews and automated security testing further help identify incorrect privilege assignments before deployment, maintaining strict integrity over system resources.

MITRE CWE Description
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Common Consequences (1)
Scope: Access Control. Impact: Gain Privileges or Assume Identity.
A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.
Mitigations (2)
Phases: Architecture and Design; Operation. Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Phases: Architecture and Design; Operation. Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
Examples (2)
The following example demonstrates the weakness.
    seteuid(0);          /* raise the effective uid to root */
    /* do some stuff */
    seteuid(getuid());   /* return to the real (unprivileged) uid */
Bad · C
The following example demonstrates the weakness.
    AccessController.doPrivileged(new PrivilegedAction() {
        public Object run() {
            // privileged code goes here, for example:
            System.loadLibrary("awt");
            return null; // nothing to return
        }
    });
Bad · Java
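As an added example (not code from this page or from MITRE's CWE entry), the hardened counterpart of the seteuid(0) ... seteuid(getuid()) pattern above: a C routine that gives up root permanently with setgid()/setuid() instead of toggling the effective uid, checks every return value, and then verifies that root can no longer be regained, which is what the "run with the lowest privileges" mitigation looks like in code. The function name drop_privileges and the uid/gid choice in main are mine.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <unistd.h>

/* Permanently drop to the unprivileged uid/gid given, then verify the drop.
 * Unlike seteuid(0) ... seteuid(getuid()), setgid()/setuid() called by root
 * also overwrite the saved ids, so the process cannot regain root later,
 * even if an error path skips a later "restore" step.
 * Returns 0 on success, -1 with errno set on failure; refuses uid 0. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0) {              /* "dropping" to root is not a drop */
        errno = EINVAL;
        return -1;
    }
    /* Supplementary groups would also be cleared here with setgroups()
     * while still root; omitted because setgroups() is not POSIX. */
    /* Group first: once the uid is unprivileged, setgid() would fail. */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;
    /* Verify: real and effective ids must now both be the target ... */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid) {
        errno = EPERM;
        return -1;
    }
    /* ... and regaining root must be impossible. If seteuid(0) succeeds,
     * the saved uid is still 0 and the caller must abort immediately. */
    int saved_errno = errno;
    if (seteuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    errno = saved_errno;         /* the expected EPERM is not an error here */
    return 0;
}

int main(void)
{
    /* Constructed demo: an already unprivileged process "drops" to its own
     * ids, which still exercises the cannot-regain-root verification. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        perror("drop_privileges");
        return 1;
    }
    printf("running as uid %u, root unreachable\n", (unsigned)geteuid());
    return 0;
}
```

Run unprivileged, it drops to its own ids and still performs the verification step; run as root, main would need a real unprivileged uid/gid pair to drop to.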
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2025-48082 | WordPress Progress Planner plugin <= 1.8.0 - Privilege Escalation vulnerability | Progress Planner | 8.8 | High | 2025-10-22
CVE-2025-62645 | Restaurant Brands International assistant platform security vulnerability | assistant platform | 9.9 | Critical | 2025-10-17
CVE-2025-10577 | Sound Research SECOMNService Escalation of Privilege | Sound Research | 7.8 (AI) | High (AI) | 2025-10-15
CVE-2025-10576 | Sound Research SECOMNService Escalation of Privilege | Sound Research | 7.8 (AI) | High (AI) | 2025-10-15
CVE-2025-10038 | Binary MLM Plan <= 3.0 - Unauthenticated Limited Privilege Escalation | Binary MLM Plan | 6.5 | Medium | 2025-10-15
CVE-2025-61785 | Deno's --deny-write check does not prevent permission bypass | deno | 5.3 (AI) | Medium (AI) | 2025-10-08
CVE-2025-43914 | Dell PowerProtect Data Domain security vulnerability | PowerProtect Data Domain BoostFS for Linux Ubuntu Feature Release | 7.5 | High | 2025-10-07
CVE-2025-10725 | Openshift-ai: overly permissive clusterrole allows authenticated users to escalate privileges to cluster admin | opendatahub-operator | 9.9 | Critical | 2025-09-30
CVE-2025-59945 | SysReptor Susceptible to Privilege Escalation by Authenticated Users | sysreptor | 8.1 | High | 2025-09-27
CVE-2025-26517 | CVE-2025-26517 Privilege Escalation Vulnerability in StorageGRID (formerly StorageGRID Webscale) | StorageGRID | 5.4 | Medium | 2025-09-19
CVE-2025-10644 | Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability | Repairit | 9.8 (AI) | Critical (AI) | 2025-09-17
CVE-2025-49401 | WordPress smart SEO Plugin <= 4.0 - Privilege Escalation Vulnerability | smart SEO | 9.8 | Critical | 2025-09-05
CVE-2025-58841 | WordPress Media Author Plugin <= 1.0.4 - Broken Access Control Vulnerability | Media Author | 5.5 | Medium | 2025-09-05
CVE-2024-32444 | WordPress RealHomes theme <= 4.3.6 - Privilege Escalation vulnerability | RealHomes | 9.8 | Critical | 2025-09-03
CVE-2025-58323 | NAVER MYBOX Explorer for Windows security vulnerability | NAVER MYBOX Explorer | 7.8 | - | 2025-08-29
CVE-2025-49388 | WordPress Miraculous Core Plugin Plugin <= 2.0.7 - Privilege Escalation Vulnerability | Miraculous Core Plugin | 9.8 | Critical | 2025-08-28
CVE-2025-48348 | WordPress Site Offline plugin <= 1.5.7 - Broken Access Control vulnerability | Site Offline | 4.3 | Medium | 2025-08-28
CVE-2025-58322 | NAVER MYBOX Explorer for Windows security vulnerability | NAVER MYBOX Explorer | 7.8 | - | 2025-08-28
CVE-2025-57797 | Fujitsu ScanSnap Manager security vulnerability | ScanSnap Manager installers | 7.8 | - | 2025-08-27
CVE-2025-49422 | WordPress Support Ticket Plugin <= 1.9 - Privilege Escalation Vulnerability | Support Ticket | 9.8 | Critical | 2025-08-20
CVE-2025-48142 | WordPress Bookify <= 1.0.9 - Privilege Escalation Vulnerability | Bookify | 8.8 | High | 2025-08-20
CVE-2025-48165 | WordPress DELUCKS SEO Plugin <= 2.6.0 - Privilege Escalation Vulnerability | DELUCKS SEO | 8.8 | High | 2025-08-20
CVE-2025-48164 | WordPress SureDash <= 1.0.3 - Privilege Escalation Vulnerability | SureDash | 8.8 | High | 2025-08-20
CVE-2025-53580 | WordPress Simple Business Directory Pro Plugin < 15.6.9 - Privilege Escalation Vulnerability | Simple Business Directory Pro | 9.8 | Critical | 2025-08-20
CVE-2025-54049 | WordPress Custom API for WP <= 4.2.2 - Privilege Escalation Vulnerability | Custom API for WP | 9.9 | Critical | 2025-08-20
CVE-2025-54735 | WordPress CubeWP Framework Plugin <= 1.1.24 - Privilege Escalation Vulnerability | CubeWP | 8.8 | High | 2025-08-20
CVE-2025-5417 | Rhdh: red hat developer hub user permissions | Red Hat Developer Hub | 6.1 | Medium | 2025-08-19
CVE-2025-36613 | Dell SupportAssist for Business PCs and Dell SupportAssist for Home PCs security vulnerability | SupportAssist for Home PCs | 2.8 | Low | 2025-08-14
CVE-2025-36612 | Dell SupportAssist for Business PCs security vulnerability | SupportAssist for Business PCs | 6.7 | Medium | 2025-08-14
CVE-2025-38738 | Dell SupportAssist for Home PCs security vulnerability | SupportAssist for Home PCs | 6.7 | Medium | 2025-08-14

382 CVEs are classified as CWE-266 (Incorrect Privilege Assignment). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.