CVEbaza.plCWE DictionaryCWE-648
Common Weakness Enumeration

CWE-648

Incorrect Use of Privileged APIs

Category: BaseCVE: 66
Description

The product does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the function to be called incorrectly.

CVE vulnerabilities with CWE-648 (66)
9.8
CVSS
CRITICAL
CVE-2024-8785

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.

pub. 2024-12-02
9.8
CVSS
CRITICAL
CVE-2024-11068

The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account.

pub. 2024-11-11
9.8
CVSS
CRITICAL
CVE-2023-4972

Incorrect Use of Privileged APIs vulnerability in Yepas Digital Yepas allows Collect Data as Provided by Users. This issue affects Digital Yepas: before 1.0.1.

pub. 2023-09-14
9.8
CVSS
CRITICAL
CVE-2022-2023

Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.

pub. 2022-06-20
9.8
CVSS
CRITICAL
CVE-2019-14813

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

pub. 2019-09-06
9.8
CVSS
CRITICAL
CVE-2019-1010178

Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed version is: https://github.com/modxcms/fred/commit/139cefac83b2ead90da23187d92739dec79d3ccd and https://github.com/modxcms/fred/commit/01f0a3d1ae7f3970639c2a0db1887beba0065246.

pub. 2019-07-24
9.4
CVSS
CRITICAL
CVE-2026-9560

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel

pub. 2026-05-26
9.1
CVSS
CRITICAL
CVE-2026-41386

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and scope.

pub. 2026-04-28
9.1
CVSS
CRITICAL
CVE-2024-37018

The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an application can manipulate the path that is taken by discovery packets.

pub. 2024-05-31
9.1
CVSS
CRITICAL
CVE-2023-29507

XWiki Commons are technical libraries common to several other top level XWiki projects. The Document script API returns directly a DocumentAuthors allowing to set any authors to the document, which in consequence can allow subsequent executions of scripts since this author is used for checking rights. The problem has been patched in XWiki 14.10 and 14.4.7 by returning a safe script API.

pub. 2023-04-16
9.0
CVSS
CRITICAL
CVE-2026-41329

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privilege escalation.

pub. 2026-04-21
9.0
CVSS
CRITICAL
CVE-2025-2311

Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event Monitoring. This issue affects SecHard: before 3.3.0.20220411.

pub. 2025-03-20
8.8
CVSS
HIGH
CVE-2026-20126

A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system. This vulnerability is due to an insufficient user authentication mechanism in the REST API. An attacker could exploit this vulnerability by sending a request to the REST API of the affected system. A successful exploit could allow the attacker to&nbsp;gain root privileges on the underlying operating system.

pub. 2026-02-25
8.8
CVSS
HIGH
CVE-2025-54769

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution (RCE) by an attacker.

pub. 2025-07-29
8.8
CVSS
HIGH
CVE-2025-5997

Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse. This issue affects PhishPro: before 7.5.4.2.

pub. 2025-07-28
8.8
CVSS
HIGH
CVE-2023-28062

Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.

pub. 2023-04-11
8.8
CVSS
HIGH
CVE-2019-14869

A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.

pub. 2019-11-15
8.7
CVSS
HIGH
CVE-2026-35663

OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request broader scopes during backend reconnect. Attackers can bypass pairing requirements to reconnect as operator.admin, gaining unauthorized administrative privileges.

pub. 2026-04-10
8.7
CVSS
HIGH
CVE-2026-35669

OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that incorrectly mint operator.admin runtime scope regardless of caller-granted scopes. Attackers can exploit this scope boundary bypass to gain elevated privileges and perform unauthorized administrative actions.

pub. 2026-04-10
8.7
CVSS
HIGH
CVE-2026-35639

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation to escalate privileges to operator.admin and achieve remote code execution on the Node infrastructure.

pub. 2026-04-09
Showing 20 of 66 vulnerabilities
Information
ID: CWE-648
Type: Base
Vulnerabilities: 66
MITRE CWE ↗
← CWE Dictionary