CVEbaza.plSłownik CWECWE-472
Common Weakness Enumeration

CWE-472

External Control of Assumed-Immutable Web Parameter

Kategoria: BaseCVE: 136
Opis

Aplikacja internetowa nie weryfikuje wystarczająco danych wejściowych, które są założone jako niezmienne, ale faktycznie mogą być kontrolowane z zewnątrz, takie jak ukryte pola formularza. Podatność ta pozwala atakującemu manipulować parametrami uważanymi za bezpieczne, co może prowadzić do nieautoryzowanego dostępu lub modyfikacji danych.

Description (EN)

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.

Podatności CVE z CWE-472 (136)
9.8
CVSS
CRITICAL
CVE-2025-43930

Aplikacja Hashview w wersji 0.8.1 umożliwia przejęcie dowolnego konta użytkownika poprzez manipulację nagłówkiem HTTP Host podczas procesu resetowania hasła. Podatność wynika z braku skonfigurowanej zmiennej SERVER_NAME, przez co link resetujący hasło jest budowany na podstawie niezaufanego nagłówka dostarczanego przez atakującego.

pub. 2025-07-07
9.8
CVSS
CRITICAL
CVE-2025-43933

Aplikacja fblog w wersji do commitu 983bede umożliwia przejęcie dowolnego konta użytkownika poprzez funkcję resetowania hasła. Podatność wynika z braku konfiguracji zmiennej SERVER_NAME, co powoduje, że link do resetu hasła jest generowany na podstawie nagłówka HTTP Host dostarczonego przez atakującego.

pub. 2025-07-07
9.8
CVSS
CRITICAL
CVE-2024-25153

Podatność path traversal w komponencie 'ftpservlet' portalu webowego Fortra FileCatalyst Workflow pozwala na przesyłanie plików poza wyznaczony katalog 'uploadtemp'. W przypadku skutecznego przesłania złośliwego pliku JSP do katalogu DocumentRoot możliwe jest zdalne wykonanie kodu (RCE), w tym instalacja web shella.

pub. 2024-03-13
9.8
CVSS
CRITICAL
CVE-2021-1289

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.

pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1290

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.

pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1291

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.

pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1292

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.

pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1293

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.

pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1294

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.

pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1295

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.

pub. 2021-02-04
9.6
CVSS
CRITICAL
CVE-2026-14387

Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

pub. 2026-07-01
9.6
CVSS
CRITICAL
CVE-2026-13796

Integer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

pub. 2026-06-30
9.6
CVSS
CRITICAL
CVE-2026-11088

Podatność integer overflow w komponencie ANGLE przeglądarki Google Chrome (wersje przed 149.0.7827.53) pozwala atakującemu, który już skompromitował proces renderera, na ucieczkę z piaskownicy (sandbox escape). Ucieczka z sandbox jest szczególnie groźna, ponieważ może prowadzić do pełnego przejęcia kontroli nad systemem ofiary.

pub. 2026-06-04
9.4
CVSS
CRITICAL
CVE-2025-66385

Podatność w Cerebrate przed wersją 1.30 umożliwia uwierzytelnionemu użytkownikowi bez uprawnień administracyjnych eskalację własnych uprawnień do wyższej roli (np. administratora). Jest to poważne zagrożenie, ponieważ atakujący z dostępem do zwykłego konta może przejąć pełną kontrolę nad systemem.

pub. 2025-11-28
9.1
CVSS
CRITICAL
CVE-2026-34751

Podatność w mechanizmie odzyskiwania hasła w systemie Payload CMS pozwala nieuwierzytelnionemu atakującemu na wykonywanie działań w imieniu użytkownika, który zainicjował reset hasła. Ze względu na brak wymaganych uprawnień (CVSS AV:N/PR:N) oraz krytyczny poziom zagrożenia, podatność stanowi poważne ryzyko dla bezpieczeństwa kont użytkowników.

pub. 2026-04-01
8.8
CVSS
HIGH
CVE-2026-14430

Integer overflow in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

pub. 2026-07-01
8.8
CVSS
HIGH
CVE-2026-13938

Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Medium)

pub. 2026-06-30
8.8
CVSS
HIGH
CVE-2026-10963

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

pub. 2026-06-04
8.8
CVSS
HIGH
CVE-2026-10964

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

pub. 2026-06-04
8.8
CVSS
HIGH
CVE-2026-10965

Integer overflow in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

pub. 2026-06-04
Pokazano 20 z 136 podatności
Informacje
ID: CWE-472
Typ: Base
Podatności: 136
MITRE CWE ↗
← Słownik CWE