CWE-552 (Files or Directories Accessible to External Parties) — Vulnerability Class 198

198 vulnerabilities classified as CWE-552 (Files or Directories Accessible to External Parties). AI Chinese analysis included.

CWE-552 represents a critical access control weakness where software improperly exposes files or directories to unauthorized external actors. This vulnerability typically arises when applications store sensitive data within a publicly accessible root directory, such as those used by web or FTP servers, without implementing adequate permission restrictions. Attackers exploit this flaw by directly requesting the paths of these unprotected resources, thereby gaining unauthorized access to confidential information like configuration files, user data, or source code. To prevent such breaches, developers must enforce strict access controls, ensuring that only authenticated and authorized users can retrieve specific files. Additionally, separating sensitive data from public web roots and applying robust file permission settings are essential strategies to mitigate the risk of accidental or malicious exposure to external parties.

MITRE CWE Description
The product makes files or directories accessible to unauthorized actors, even though they should not be. Web servers, FTP servers, and similar servers may store a set of files underneath a "root" directory that is accessible to the server's users. Applications may store sensitive files underneath this root without also using access control to limit which users may request those files, if any. Alternately, an application might package multiple files or directories into an archive file (e.g., ZIP or tar), but the application might not exclude sensitive files that are underneath those directories. In cloud technologies and containers, this weakness might present itself in the form of misconfigured storage accounts that can be read or written by a public or anonymous user.
Common Consequences (1)
Scope: Confidentiality, Integrity. Impact: Read Files or Directories, Modify Files or Directories.
Mitigations (1)
Phase: Implementation, System Configuration, Operation. When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
Examples (2)
The following Azure command updates the settings for a storage account:

Bad (Shell):
az storage account update --name <storage-account> --resource-group <resource-group> --allow-blob-public-access true

Good (Shell):
az storage account update --name <storage-account> --resource-group <resource-group> --allow-blob-public-access false

The following Google Cloud Storage command gets the settings for a storage account named 'BUCKET_NAME':

Informative (Shell):
gsutil iam get gs://BUCKET_NAME

Bad (JSON):
{
  "bindings": [
    {
      "members": [ "projectEditor: PROJECT-ID", "projectOwner: PROJECT-ID" ],
      "role": "roles/storage.legacyBucketOwner"
    },
    {
      "members": [ "allUsers", "projectViewer: PROJECT-ID" ],
      "role": "roles/storage.legacyBucketReader"
    }
  ]
}
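As an added example, not part of this page or of MITRE's material, the following Python check reads a bucket IAM policy shaped like the gsutil output above, reports every binding granted to a public principal (allUsers or allAuthenticatedUsers), and produces a copy of the policy with those principals removed; the sample policy is constructed from the "Bad" JSON shown, with PROJECT-ID kept as a placeholder.

```python
import json

# Principals that expose a bucket to anyone on the internet (allUsers) or to
# any Google-authenticated account (allAuthenticatedUsers).
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}


def public_bindings(policy: dict) -> list:
    """Return [{"role", "member"}] for every public principal in a bucket
    IAM policy shaped like the output of `gsutil iam get`."""
    findings = []
    for binding in policy.get("bindings", []):
        for member in binding.get("members", []):
            if member in PUBLIC_MEMBERS:
                findings.append({"role": binding.get("role"), "member": member})
    return findings


def is_public(policy: dict) -> bool:
    """True if any binding in the policy grants a role to a public principal."""
    return bool(public_bindings(policy))


def strip_public(policy: dict) -> dict:
    """Return a copy of the policy with public principals removed and any
    binding left without members dropped; the input is not modified."""
    bindings = []
    for binding in policy.get("bindings", []):
        kept = [m for m in binding.get("members", []) if m not in PUBLIC_MEMBERS]
        if kept:
            bindings.append({**binding, "members": kept})
    return {**policy, "bindings": bindings}


# Constructed sample (hypothetical): the "Bad" policy from the MITRE example
# above, with PROJECT-ID left as a placeholder.
BAD_POLICY = json.loads("""
{ "bindings": [
    { "members": [ "projectEditor: PROJECT-ID", "projectOwner: PROJECT-ID" ],
      "role": "roles/storage.legacyBucketOwner" },
    { "members": [ "allUsers", "projectViewer: PROJECT-ID" ],
      "role": "roles/storage.legacyBucketReader" } ] }
""")

if __name__ == "__main__":
    for f in public_bindings(BAD_POLICY):
        print(f"public binding: {f['member']} has {f['role']}")
    print("public after fix:", is_public(strip_public(BAD_POLICY)))
```

The same check applies to a policy fetched from a live bucket with `gsutil iam get` and piped in as JSON; the repaired policy still has to be written back with the provider's own tooling.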
CVE ID | Title — Product | CVSS | Severity | Published   (values marked "(AI)" are AI-assigned)
CVE-2025-25266 | Siemens Tecnomatix Plant Simulation security vulnerability — Tecnomatix Plant Simulation V2302 | 6.8 | Medium | 2025-03-11
CVE-2025-2147 | Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System file access — Modern Farm Digital Integrated Management System | 5.3 | Medium | 2025-03-10
CVE-2024-48864 | File Station 5 — File Station 5 | 9.1 | - | 2025-03-07
CVE-2025-26525 | Arbitrary file read risk through pdfTeX — moodle | 8.6 | High | 2025-02-24
CVE-2024-12917 | Improper Access Control in Agito Computer's Health4All — Health4All | 8.3 | High | 2025-02-24
CVE-2025-23421 | Qardio iOS and Android applications Files or Directories Accessible to External Parties — Heart Health IOS Mobile Application | 6.4 | Medium | 2025-02-13
CVE-2024-11629 | Telerik Document Processing RTF Export of Arbitrary File Path — Progress® Telerik® Document Processing Libraries | 7.1 | High | 2025-02-12
CVE-2025-1042 | Files or Directories Accessible to External Parties in GitLab — GitLab | 4.9 | Medium | 2025-02-12
CVE-2025-0509 | Signing Checks Bypass — Sparkle | 7.3 | High | 2025-02-04
CVE-2023-29080 | Privilege escalation in InstallShield — InstallShield | 7.3 | - | 2025-01-30
CVE-2024-47106 | IBM Jazz for Service Management information disclosure — Jazz for Service Management | 5.3 | Medium | 2025-01-18
CVE-2024-45627 | Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability — Apache Linkis Metadata Query Service JDBC | 6.5 | - | 2025-01-14
CVE-2024-53649 | Siemens SIPROTEC 5 security vulnerability — SIPROTEC 5 6MD84 (CP300) | 6.5 | Medium | 2025-01-14
CVE-2024-47518 | Specially constructed queries targeting ETM could discover active remote access sessions — Arista Edge Threat Management | 6.4 | Medium | 2025-01-10
CVE-2024-43660 | Arbitrary file download using <redacted>.sh — Iocharger firmware for AC models | 7.5 | - | 2025-01-09
CVE-2024-54099 | Huawei EMUI and Huawei HarmonyOS security vulnerability — HarmonyOS | 6.7 | Medium | 2024-12-12
CVE-2024-51542 | Configuration Download — ASPECT-Enterprise | 8.2 | High | 2024-12-05
CVE-2024-53676 | Hewlett Packard Enterprise Insight Remote Support security vulnerability — HPE Insight Remote Support | 9.8 | Critical | 2024-11-27
CVE-2024-10126 | Local file inclusion vulnerability in M-Files Server — M-Files Server | 4.3 (AI) | Medium (AI) | 2024-11-20
CVE-2024-31141 | Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider — Apache Kafka Clients | 6.5 (AI) | Medium (AI) | 2024-11-19
CVE-2023-20039 | Cisco Industrial Network Director File Permissions — Cisco Industrial Network Director | 5.5 | Medium | 2024-11-15
CVE-2024-52292 | Craft Allows Attackers to Read Arbitrary System Files — cms | 7.7 | High | 2024-11-13
CVE-2024-48838 | Dell SmartFabric OS10 security vulnerability — SmartFabric OS10 Software | 3.3 | Low | 2024-11-12
CVE-2024-10526 | Rapid7 Velociraptor Local Privilege Escalation In Windows Velociraptor Service — Velociraptor | 7.8 (AI) | High (AI) | 2024-11-07
CVE-2024-49359 | ZimaOS vulnerable to Directory Listing via Parameter Manipulation — ZimaOS | 7.5 | High | 2024-10-24
CVE-2024-49756 | AshPostgres empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability. — ash_postgres | 5.3 | Medium | 2024-10-23
CVE-2024-7107 | Directory Traversal in National Keep's CyberMath — CyberMath | 6.5 (AI) | Medium (AI) | 2024-09-26
CVE-2024-6878 | Directory Browsing in Eliz Software's Panel — Panel | 6.5 (AI) | Medium (AI) | 2024-09-18
CVE-2024-8655 | Mercury MNVR816 web-static file access — MNVR816 | 5.3 | Medium | 2024-09-10
CVE-2024-39581 | Dell InsightIQ security vulnerability — PowerScale InsightIQ | 7.3 | High | 2024-09-10

Vulnerabilities classified as CWE-552 (Files or Directories Accessible to External Parties) represent 198 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.