
CWE-552 (Files or Directories Accessible to External Parties) — Vulnerability Class 198

198 vulnerabilities classified as CWE-552 (Files or Directories Accessible to External Parties). AI-generated Chinese analysis included.

CWE-552 represents a critical access control weakness where software improperly exposes files or directories to unauthorized external actors. This vulnerability typically arises when applications store sensitive data within a publicly accessible root directory, such as those used by web or FTP servers, without implementing adequate permission restrictions. Attackers exploit this flaw by directly requesting the paths of these unprotected resources, thereby gaining unauthorized access to confidential information like configuration files, user data, or source code. To prevent such breaches, developers must enforce strict access controls, ensuring that only authenticated and authorized users can retrieve specific files. Additionally, separating sensitive data from public web roots and applying robust file permission settings are essential strategies to mitigate the risk of accidental or malicious exposure to external parties.

MITRE CWE Description
The product makes files or directories accessible to unauthorized actors, even though they should not be. Web servers, FTP servers, and similar servers may store a set of files underneath a "root" directory that is accessible to the server's users. Applications may store sensitive files underneath this root without also using access control to limit which users may request those files, if any. Alternately, an application might package multiple files or directories into an archive file (e.g., ZIP or tar), but the application might not exclude sensitive files that are underneath those directories. In cloud technologies and containers, this weakness might present itself in the form of misconfigured storage accounts that can be read or written by a public or anonymous user.
Common Consequences (1)
Scope: Confidentiality, Integrity · Impact: Read Files or Directories, Modify Files or Directories
Mitigations (1)
Phase: Implementation, System Configuration, Operation · When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
Examples (2)
Bad · Shell
The following Azure command updates the settings for a storage account and enables anonymous (public) blob access:
az storage account update --name <storage-account> --resource-group <resource-group> --allow-blob-public-access true

Good · Shell
The same command with public blob access disabled:
az storage account update --name <storage-account> --resource-group <resource-group> --allow-blob-public-access false

Informative · Shell
The following Google Cloud Storage command gets the settings for a storage account named 'BUCKET_NAME':
gsutil iam get gs://BUCKET_NAME

Bad · JSON
The returned policy grants roles/storage.legacyBucketReader to the special principal allUsers, which makes the bucket readable by anyone on the internet without authentication:
{
  "bindings": [
    {
      "members": [
        "projectEditor:PROJECT-ID",
        "projectOwner:PROJECT-ID"
      ],
      "role": "roles/storage.legacyBucketOwner"
    },
    {
      "members": [
        "allUsers",
        "projectViewer:PROJECT-ID"
      ],
      "role": "roles/storage.legacyBucketReader"
    }
  ]
}
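As an added example (not part of the CWE entry or of this page), a small Python check that takes an IAM policy in the shape `gsutil iam get` prints, flags every binding that grants a role to a public principal, and produces a cleaned policy with those principals removed. The sample policy is constructed from the bad JSON above with PROJECT-ID as a placeholder; the principal set and the function names are my own.

```python
import json

# Principals that make a bucket readable by anyone. Both are Google's special
# identifiers; "allAuthenticatedUsers" still means any Google account, not your org.
PUBLIC_PRINCIPALS = {"allUsers", "allAuthenticatedUsers"}

# Constructed sample in the shape `gsutil iam get gs://BUCKET_NAME` prints.
# PROJECT-ID is a placeholder, not a real project.
BAD_POLICY = json.dumps({
    "bindings": [
        {"members": ["projectEditor:PROJECT-ID", "projectOwner:PROJECT-ID"],
         "role": "roles/storage.legacyBucketOwner"},
        {"members": ["allUsers", "projectViewer:PROJECT-ID"],
         "role": "roles/storage.legacyBucketReader"},
    ]
})


def public_bindings(policy_json):
    """Return (role, member) pairs that grant a role to a public principal."""
    policy = json.loads(policy_json)
    found = []
    for binding in policy.get("bindings", []):
        for member in binding.get("members", []):
            if member in PUBLIC_PRINCIPALS:
                found.append((binding["role"], member))
    return found


def remove_public_access(policy_json):
    """Return a new policy JSON with public principals stripped from every binding.

    Other keys of a binding (e.g. a condition) and of the policy (e.g. etag) are
    preserved; a binding left with no members is dropped because an empty
    member list is not a valid binding.
    """
    policy = json.loads(policy_json)
    cleaned = []
    for binding in policy.get("bindings", []):
        members = [m for m in binding.get("members", []) if m not in PUBLIC_PRINCIPALS]
        if members:
            cleaned.append({**binding, "members": members})
    policy["bindings"] = cleaned
    return json.dumps(policy)


if __name__ == "__main__":
    for role, member in public_bindings(BAD_POLICY):
        print(f"PUBLIC: {member} holds {role}")
    print(remove_public_access(BAD_POLICY))
```

The cleaned policy can then be applied back with `gsutil iam set`; the same principal check applies to bucket-level policies retrieved through the JSON API.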
CVE ID | Title | Product | CVSS | Severity | Published
(AI) marks a score or severity tagged as AI-estimated on this page; "-" means no severity was given.
CVE-2023-49198 | Apache SeaTunnel Web: Arbitrary file read vulnerability | Apache SeaTunnel Web | 7.5 (AI) | High (AI) | 2024-08-21
CVE-2024-41699 | Priority – CWE-552: Files or Directories Accessible to External Parties | Priority | 4.4 | Medium | 2024-08-20
CVE-2024-7729 | CAYIN Technology CMS - Sensitive File Download | SMP-2100 | 7.5 | High | 2024-08-14
CVE-2024-3913 | Phoenix Contact: Start sequence allows attack during the boot process | CHARX SEC-3000 (1139022) | 5.9 | Medium | 2024-08-13
CVE-2024-38876 | Siemens multiple products security vulnerability | Omnivise T3000 Application Server R9.2 | 7.8 | High | 2024-08-02
CVE-2024-27182 | Apache Linkis Basic management services: Engine material management Arbitrary file deletion vulnerability | Apache Linkis Basic management services | 6.5 (AI) | Medium (AI) | 2024-08-02
CVE-2024-38429 | Matrix - CWE-552: Files or Directories Accessible to External Parties | Tafnit v8 | 7.5 | High | 2024-07-30
CVE-2024-6911 | Unauthenticated Local File Inclusion | ProcessPlus | 7.5 (AI) | High (AI) | 2024-07-22
CVE-2023-41916 | Apache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading | Apache Linkis DataSource | 6.5 | - | 2024-07-15
CVE-2024-6421 | Pepperl+Fuchs: Incorrectly configured FTP-Server in OIT Products | OIT1500-F113-B12-CB | 7.5 | High | 2024-07-10
CVE-2024-6209 | unauthorized file access | ASPECT-Enterprise | 10.0 | Critical | 2024-07-05
CVE-2024-4836 | LFI in sites managed by Edito CMS | Edito CMS | 7.5 | High | 2024-07-02
CVE-2024-5056 | Schneider Electric Modicon M340 security vulnerability | Modicon M340 | 6.5 | Medium | 2024-06-12
CVE-2024-5262 | ProjectDiscovery Interactsh - Files or Directories Accessible to External Parties | Interactsh | 9.1 (AI) | Critical (AI) | 2024-06-05
CVE-2024-5587 | Casdoor Configuration File app.conf file access | Casdoor | 5.3 | Medium | 2024-06-02
CVE-2024-5045 | SourceCodester Online Birth Certificate Management System admin file access | Online Birth Certificate Management System | 5.3 | Medium | 2024-05-17
CVE-2024-35183 | wolfictl leaks GitHub tokens to remote non-GitHub git servers | wolfictl | 4.4 | Medium | 2024-05-15
CVE-2024-34066 | Arbitrary File Write/Read in Pterodactyl wings | wings | 8.5 | High | 2024-05-03
CVE-2023-39480 | Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability | Secure Integration Server | 8.1 | - | 2024-05-03
CVE-2023-39479 | Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability | Secure Integration Server | 6.5 | - | 2024-05-03
CVE-2023-48710 | iTop limit pages/exec.php script to PHP files | iTop | 9.8 | Critical | 2024-04-15
CVE-2024-2759 | Improper access control in Apaczka plugin for PrestaShop | Apaczka | 5.3 | - | 2024-04-04
CVE-2024-2052 | Schneider Electric Easergy T200 security vulnerability | Easergy T200 (Modbus) Models: T200I, T200E, T200P, T200S, T200H | 7.5 | High | 2024-03-18
CVE-2023-45594 | AiLux imx6 security vulnerability | imx6 bundle | 6.8 | Medium | 2024-03-05
CVE-2024-21403 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | Azure Kubernetes Service | 9.0 | Critical | 2024-02-13
CVE-2024-1005 | Shanxi Diankeyun Technology NODERP log file access | NODERP | 5.3 | Medium | 2024-01-29
CVE-2023-48661 | Dell Virtual Appliance Manager security vulnerability | vApp Manager | 4.9 | Medium | 2023-12-14
CVE-2023-50164 | Apache Struts: File upload component had a directory traversal vulnerability | Apache Struts | 9.8 | - | 2023-12-07
CVE-2023-6375 | Tyler Technologies Magistrate Court Case Management Plus stores backups insecurely | Court Case Management Plus | 5.3 | Medium | 2023-11-30
CVE-2023-39545 | NEC Expresscluster X security vulnerability | CLUSTERPRO X (EXPRESSCLUSTER X) | 8.8 | - | 2023-11-17

Vulnerabilities classified as CWE-552 (Files or Directories Accessible to External Parties) represent 198 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.