CWE-610 (Externally Controlled Reference to a Resource in Another Sphere) — Vulnerability Class 45

45 vulnerabilities classified as CWE-610 (Externally Controlled Reference to a Resource in Another Sphere). AI Chinese analysis included.

CWE-610 covers the case where software resolves an externally controlled name or reference (a filename, URL, hostname, or other identifier) to a resource that lies outside the sphere it was meant to control. The flaw arises when an application takes such a reference from user input without rigorous validation, so an attacker can point execution or data access at a system or object the application never intended to reach. Depending on what the reference is used for, the consequences range from redirecting users to an external site or reaching internal resources to reading or modifying sensitive data, and in some products remote code execution. Mitigation rests on strict allow-listing of the resources a reference may name, canonicalizing the supplied value before checking it, and verifying that the resolved resource still lies within the expected directory, host set, or network boundary. With those controls in place, an attacker cannot cross the security boundary by supplying a crafted external reference.

MITRE CWE Description
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
Common Consequences (2)
Scope: Confidentiality, Integrity. Impact: Read Application Data, Modify Application Data.
An adversary could read or modify data, depending on how the resource is intended to be used.
Scope: Access Control. Impact: Gain Privileges or Assume Identity.
An adversary that can supply a reference to an unintended resource can potentially access a resource that they do not have privileges for, thus bypassing existing access control mechanisms.
Examples (1)
The following code is a Java servlet that receives a GET request with a url parameter and redirects the browser to the address given in that parameter. The servlet reads the url parameter from the request and sends a redirect response to that address, without checking where it points.

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class RedirectServlet extends HttpServlet {
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String query = request.getQueryString();
        if (query.contains("url")) {
            // The externally supplied value is used as the redirect target as-is:
            // any host the client names is accepted.
            String url = request.getParameter("url");
            response.sendRedirect(url);
        }
    }
}
Bad · Java
<a href="http://bank.example.com/redirect?url=http://attacker.example.net">Click here to log in</a>
Attack · HTML
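The fix for the servlet above is to treat the url parameter as an untrusted reference and check where it resolves before redirecting. The following is an added Python illustration of that check, not code from MITRE or from the page; the base URL, the allow-listed host and the sample inputs are constructed for the example. It contrasts the servlet's behaviour (the value is used as-is) with a validator that normalizes the value, accepts only path-absolute references or http(s) URLs whose exact hostname is on the allow-list, and falls back to a safe default otherwise.

```python
from urllib.parse import urlsplit, urljoin

BASE_URL = "https://bank.example.com/"            # constructed: the application's own origin
ALLOWED_HOSTS = frozenset({"bank.example.com"})    # constructed allow-list of redirect targets


def vulnerable_redirect_target(url_param):
    """Mirrors the servlet above: whatever the client sends is used as the target."""
    return url_param


def safe_redirect_target(url_param, base_url=BASE_URL,
                         allowed_hosts=ALLOWED_HOSTS, default="/"):
    """Return a redirect target that stays on an allow-listed host, or `default`."""
    if not url_param:
        return default

    # Canonicalize before checking: drop surrounding whitespace and control
    # characters, and treat backslashes as slashes the way browsers do, so a
    # value such as "/\host" is recognised as scheme-relative rather than a path.
    candidate = "".join(ch for ch in url_param.strip() if ch >= " " and ch != "\x7f")
    candidate = candidate.replace("\\", "/")
    parts = urlsplit(candidate)

    if parts.scheme or parts.netloc:
        # Absolute or scheme-relative URL: only http(s), no userinfo (which
        # hides the real host after an '@'), and the hostname must match the
        # allow-list exactly (a prefix or substring match would let
        # "bank.example.com.attacker.example.net" through).
        if parts.scheme.lower() not in ("http", "https"):
            return default
        if parts.username is not None or parts.password is not None:
            return default
        host = (parts.hostname or "").lower()
        if host not in allowed_hosts:
            return default
        return candidate

    # Relative reference: require a single leading slash, then resolve it
    # against our own base and re-verify the host of the resolved URL.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return default
    resolved = urljoin(base_url, candidate)
    if (urlsplit(resolved).hostname or "").lower() not in allowed_hosts:
        return default
    return resolved


if __name__ == "__main__":
    # Constructed sample inputs: the page's own attack URL plus common variants.
    samples = [
        "/account/settings",
        "https://bank.example.com/login?next=1",
        "http://attacker.example.net",
        "//attacker.example.net",
        "http://bank.example.com@attacker.example.net",
        "https://bank.example.com.attacker.example.net/",
    ]
    for s in samples:
        print(f"{s!r:55} -> {safe_redirect_target(s)!r}")
```

The validator returns the resolved URL for on-site targets and the default landing page for everything else; returning a default rather than raising keeps the login flow working when the parameter is missing or tampered with.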
CVE ID | Title | Affected product | CVSS | Severity | Published
CVE-2023-38046 | PAN-OS: Read System Files and Resources During Configuration Commit | PAN-OS | 5.5 | Medium | 2023-07-12
CVE-2023-0045 | Incorrect indirect branch prediction barrier in the Linux Kernel | Linux Kernel | 4.7 | Medium | 2023-04-25
CVE-2022-44747 | Acronis Cyber Protect link following vulnerability | Acronis Cyber Protect Home Office | 7.8 | - | 2022-11-07
CVE-2022-39206 | CI/CD Docker Escape in OneDev | onedev | 9.9 | Critical | 2022-09-13
CVE-2022-27593 | DeadBolt Ransomware | Photo Station | 10.0 | Critical | 2022-09-08
CVE-2021-3779 | Ruby-MySQL Gem Client File Read | ruby-mysql | 6.5 | - | 2022-06-28
CVE-2022-24854 | Database bypassing any permissions in Metabase via SQlite attach | metabase | 8.0 | High | 2022-04-14
CVE-2021-43844 | Externally Controlled Reference to a Resource in Another Sphere in MSEdgeRedirect | MSEdgeRedirect | 8.8 | High | 2021-12-20
CVE-2021-43794 | Anonymous user cache poisoning via development-mode header in Discourse | discourse | 5.3 | Medium | 2021-12-01
CVE-2021-41244 | Cross organization admin control in Grafana | grafana | 9.1 | Critical | 2021-11-15
CVE-2021-27648 | Synology Antivirus Essential security vulnerability | Synology Antivirus Essential | 9.0 | Critical | 2021-04-28
CVE-2018-12475 | obs-service-download_files allows downloading from localhost or intranet hosts | Open Build Service | 6.5 | Medium | 2020-09-01
CVE-2020-8226 | phpBB code issue vulnerability | https://github.com/phpbb/phpbb | 5.8 | - | 2020-08-17
CVE-2018-7824 | Schneider Electric Modbus Serial Driver resource management error vulnerability | Schneider Electric Modbus Serial Driver (For 64-bit Windows OS: V3.17 IE 37 and prior, For 32-bit Windows OS: V2.17 IE 27 and prior, and as part of the Driver Suite version: V14.12 and prior) | 4.9 | - | 2019-05-22
CVE-2017-16088 | safe-eval module security vulnerability | safe-eval node module | 10.0 | - | 2018-06-07

Vulnerabilities classified as CWE-610 (Externally Controlled Reference to a Resource in Another Sphere) represent 45 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.