
CWE-610 (Externally Controlled Reference to a Resource in Another Sphere) — Vulnerability Class 45

45 vulnerabilities classified as CWE-610 (Externally Controlled Reference to a Resource in Another Sphere). AI Chinese analysis included.

CWE-610 represents a critical input validation weakness where software improperly resolves references to resources located outside its intended security boundary. This flaw typically arises when applications accept user-supplied filenames, URLs, or identifiers without rigorous sanitization, allowing attackers to redirect execution or data access to unauthorized external systems. Exploitation often leads to severe consequences such as remote code execution, data exfiltration, or unauthorized access to sensitive internal resources by manipulating the reference path. To mitigate this risk, developers must implement strict allow-listing strategies, ensuring that only predefined, safe resources are accessible. Additionally, employing canonicalization techniques to normalize input paths and verifying that resolved resources remain within the expected directory or network sphere are essential practices. By enforcing these controls, organizations can prevent attackers from bypassing security boundaries through manipulated external references.

MITRE CWE Description
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
Common Consequences (2)

Scope: Confidentiality, Integrity. Impact: Read Application Data, Modify Application Data.
An adversary could read or modify data, depending on how the resource is intended to be used.

Scope: Access Control. Impact: Gain Privileges or Assume Identity.
An adversary that can supply a reference to an unintended resource can potentially access a resource that they do not have privileges for, thus bypassing existing access control mechanisms.
Examples (1)
The following code is a Java servlet that will receive a GET request with a url parameter in the request to redirect the browser to the address specified in the url parameter. The servlet will retrieve the url parameter value from the request and send a response to redirect the browser to the url address.
public class RedirectServlet extends HttpServlet {
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String query = request.getQueryString();
        if (query.contains("url")) {
            String url = request.getParameter("url");
            response.sendRedirect(url);
        }
    }
}
Bad · Java
<a href="http://bank.example.com/redirect?url=http://attacker.example.net">Click here to log in</a>
Attack · HTML
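A hardened counterpart to the RedirectServlet above, added here as an illustration; it is not part of the MITRE entry and is not code from any product listed on this page. It assumes the javax.servlet API and a hypothetical allow-list of two hosts (bank.example.com and login.bank.example.com); otherwise it applies exactly the mitigations the introduction names: parse the externally supplied reference, canonicalise it, allow-list the resolved host, and refuse anything else instead of trying to repair it.

```java
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hardened version of the RedirectServlet example: the externally controlled
// "url" parameter is parsed, normalised and checked against an allow-list
// before it reaches sendRedirect().
public class SafeRedirectServlet extends HttpServlet {

    // Hypothetical allow-list of hosts this application may redirect to.
    private static final Set<String> ALLOWED_HOSTS =
            Set.of("bank.example.com", "login.bank.example.com");

    // Target used when no candidate was supplied at all.
    private static final String DEFAULT_TARGET = "/";

    /**
     * Returns the redirect target to use, or null when the candidate must be
     * rejected. Accepted forms: a site-relative path such as "/account", or an
     * absolute https URL whose host is on the allow-list.
     */
    static String resolveRedirectTarget(String candidate) {
        if (candidate == null || candidate.trim().isEmpty()) {
            return DEFAULT_TARGET;
        }
        URI uri;
        try {
            // java.net.URI rejects backslashes, spaces and similar characters
            // that browsers would otherwise "repair" into a different destination.
            uri = new URI(candidate.trim()).normalize();
        } catch (URISyntaxException e) {
            return null;
        }

        if (!uri.isAbsolute()) {
            // No scheme: only a plain site-relative path is acceptable. A
            // protocol-relative value such as "//attacker.example.net" parses
            // with an authority component and is rejected here.
            String path = uri.getRawPath();
            if (uri.getRawAuthority() != null || path == null || !path.startsWith("/")) {
                return null;
            }
            return uri.toString(); // the container resolves it against this site
        }

        // Absolute URL: scheme, userinfo and host are each checked explicitly,
        // so "https://bank.example.com@attacker.example.net/" cannot pass on the
        // strength of the text before the '@'.
        if (!"https".equalsIgnoreCase(uri.getScheme())) {
            return null;
        }
        if (uri.getRawUserInfo() != null) {
            return null;
        }
        String host = uri.getHost();
        if (host == null || !ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT))) {
            return null;
        }
        return uri.toString();
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String target = resolveRedirectTarget(request.getParameter("url"));
        if (target == null) {
            // Refuse rather than rewrite: a rejected target is also a useful
            // detection signal, so record where it came from.
            getServletContext().log("Rejected redirect target from " + request.getRemoteAddr());
            response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Redirect target not permitted");
            return;
        }
        response.sendRedirect(target);
    }
}
```

With this validator the attack link above (url=http://attacker.example.net) is rejected on scheme and host, the protocol-relative and userinfo variants are rejected before the host comparison, and a scheme such as javascript: is rejected because it is absolute but not https. The allow-list is deliberately an exact host match rather than a suffix match, since a suffix check would accept bank.example.com.attacker.example.net.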
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2026-34327 | Microsoft Partner Center Spoofing Vulnerability | Microsoft Partner Center | 8.2 | High | 2026-05-07
CVE-2026-0522 | Local File Inclusion in the File Upload/Download Process | VertiGIS FM | 8.8 (AI) | High (AI) | 2026-04-01
CVE-2026-32008 | OpenClaw < 2026.2.21 - Arbitrary Local File Read via Browser Navigation Guard | OpenClaw | 6.5 | Medium | 2026-03-19
CVE-2026-28722 | Acronis Cyber Protect Security Vulnerability | Acronis Cyber Protect 17 | 7.8 | - | 2026-03-05
CVE-2026-28721 | Acronis Cyber Protect Security Vulnerability | Acronis Cyber Protect 17 | 7.8 | - | 2026-03-05
CVE-2025-9065 | Rockwell Automation ThinManager® Server-Side Request Forgery Vulnerability | ThinManager | 9.6 (AI) | Critical (AI) | 2025-09-09
CVE-2025-48963 | Acronis Cyber Protect Cloud Agent Security Vulnerability | Acronis Cyber Protect Cloud Agent | 7.8 | - | 2025-08-28
CVE-2015-10142 | Sitecore XP < 8.0 and CMS < 7.2 and < 7.5 File Read via Known Path | Experience Platform (XP) | 7.5 | - | 2025-07-25
CVE-2025-2875 | Schneider Electric Multiple Products Security Vulnerability | Modicon Controllers M241 / M251 | 7.5 | High | 2025-05-14
CVE-2024-13177 | Symlink Following in Netskope Client Postinstall Script | Netskope Client | 7.8 (AI) | High (AI) | 2025-04-15
CVE-2022-23439 | Fortinet Multiple Products Security Vulnerability | FortiTester | 4.1 | Medium | 2025-01-22
CVE-2025-22144 | Account Takeover in NamelessMC | Nameless | 8.1 | - | 2025-01-13
CVE-2024-42168 | HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability | DRYiCE MyXalytics | 8.9 | High | 2025-01-11
CVE-2024-52792 | Arbitrary config values override in lam | lam | 6.5 | Medium | 2024-12-17
CVE-2024-47773 | Anonymous cache poisoning via XHR requests in Discourse | discourse | 8.2 | High | 2024-10-08
CVE-2024-45826 | ThinManager® Code Execution Vulnerability | ThinManager | 6.8 | Medium | 2024-09-12
CVE-2024-7625 | Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking | Nomad | 5.8 | Medium | 2024-08-14
CVE-2024-6079 | DLL Hijacking Vulnerability Exists in Rockwell Automation Emulate3D™ | Emulate3D™ | 7.8 (AI) | High (AI) | 2024-08-13
CVE-2024-28962 | Dell Update and Dell Alienware Update Security Vulnerability | Dell Update (DU) | 6.5 | Medium | 2024-08-06
CVE-2024-29069 | snapd will follow archived symlinks when unpacking a filesystem | snapd | 4.8 | Medium | 2024-07-25
CVE-2024-6717 | Nomad Vulnerable to Allocation Directory Path Escape Through Archive Unpacking | Nomad | 7.7 | High | 2024-07-23
CVE-2024-32980 | Spin contains a potential network sandbox escape for specifically configured Spin applications | spin | 9.1 | Critical | 2024-05-08
CVE-2024-24818 | EspoCRM weakness in "Forgot password" | espocrm | 5.9 | Medium | 2024-02-29
CVE-2024-24760 | Mailcow Docker Container Exposure to Local Network | mailcow-dockerized | 8.8 | High | 2024-02-02
CVE-2023-4089 | WAGO: Multiple products vulnerable to local file inclusion | Compact Controller CC100 | 2.7 | Low | 2023-10-17
CVE-2023-44209 | Acronis Agent Security Vulnerability | Acronis Cyber Protect Cloud Agent | 7.8 | - | 2023-10-04
CVE-2022-46869 | Acronis Cyber Protect Link Following Vulnerability | Acronis Cyber Protect Home Office | 7.8 | - | 2023-08-31
CVE-2022-46868 | Acronis Cyber Protect Security Vulnerability | Acronis Cyber Protect Home Office | 7.8 | - | 2023-08-31
CVE-2023-37855 | PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels | WP 6070-WVPS | 4.3 | Medium | 2023-08-09
CVE-2023-37856 | PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels | WP 6070-WVPS | 4.3 | Medium | 2023-08-09

Vulnerabilities classified as CWE-610 (Externally Controlled Reference to a Resource in Another Sphere) represent 45 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.