CWE-552
AllowedFiles or Directories Accessible to External Parties
Abstraction: Base · Status: Draft
The product makes files or directories accessible to unauthorized actors, even though they should not be.
670 vulnerabilities reference this CWE, most recent first.
GHSA-RX6G-PR26-7GXJ
Vulnerability from github – Published: 2024-06-10 21:30 – Updated: 2026-04-02 21:31The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. A maliciously crafted email may be able to initiate FaceTime calls without user authorization.
{
"affected": [],
"aliases": [
"CVE-2024-23282"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-10T21:15:49Z",
"severity": "MODERATE"
},
"details": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. A maliciously crafted email may be able to initiate FaceTime calls without user authorization.",
"id": "GHSA-rx6g-pr26-7gxj",
"modified": "2026-04-02T21:31:44Z",
"published": "2024-06-10T21:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23282"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120898"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120902"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120903"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120905"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214100"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214101"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214104"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214106"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214100"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214101"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214104"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214106"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RXFQ-3VPC-VV72
Vulnerability from github – Published: 2022-04-06 00:01 – Updated: 2022-04-22 20:33Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "vrana/adminer"
},
"ranges": [
{
"events": [
{
"introduced": "1.12.0"
},
{
"fixed": "4.6.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-43008"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": true,
"github_reviewed_at": "2022-04-22T20:33:36Z",
"nvd_published_at": "2022-04-05T02:15:00Z",
"severity": "HIGH"
},
"details": "Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.",
"id": "GHSA-rxfq-3vpc-vv72",
"modified": "2022-04-22T20:33:36Z",
"published": "2022-04-06T00:01:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43008"
},
{
"type": "PACKAGE",
"url": "https://github.com/vrana/adminer"
},
{
"type": "WEB",
"url": "https://github.com/vrana/adminer/releases/tag/v4.6.3"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00012.html"
},
{
"type": "WEB",
"url": "https://podalirius.net/en/cves/2021-43008"
},
{
"type": "WEB",
"url": "https://sansec.io/research/adminer-4.6.2-file-disclosure-vulnerability"
},
{
"type": "WEB",
"url": "https://www.adminer.org"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Files or Directories Accessible to External Parties in Adminer"
}
GHSA-V3F4-PGV5-QQHC
Vulnerability from github – Published: 2026-05-04 09:31 – Updated: 2026-05-04 15:31The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.
{
"affected": [],
"aliases": [
"CVE-2026-5335"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-04T07:16:01Z",
"severity": "MODERATE"
},
"details": "The Magic Export \u0026 Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.",
"id": "GHSA-v3f4-pgv5-qqhc",
"modified": "2026-05-04T15:31:13Z",
"published": "2026-05-04T09:31:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5335"
},
{
"type": "WEB",
"url": "https://wpscan.com/vulnerability/ed6f00de-bbae-4e89-9d0e-ded0d70e781c"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V3M2-CRXW-2GFM
Vulnerability from github – Published: 2023-07-10 21:31 – Updated: 2024-04-04 05:54?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) patch, which could allow an attacker to retrieve file contents.
{
"affected": [],
"aliases": [
"CVE-2023-34316"
],
"database_specific": {
"cwe_ids": [
"CWE-284",
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-10T20:15:15Z",
"severity": "HIGH"
},
"details": "?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) patch, which could allow an attacker to retrieve file contents.",
"id": "GHSA-v3m2-crxw-2gfm",
"modified": "2024-04-04T05:54:05Z",
"published": "2023-07-10T21:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34316"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V46R-626M-F3PP
Vulnerability from github – Published: 2023-04-07 21:30 – Updated: 2023-04-13 21:30GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php.
{
"affected": [],
"aliases": [
"CVE-2023-27180"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-07T21:15:00Z",
"severity": "HIGH"
},
"details": "GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php.",
"id": "GHSA-v46r-626m-f3pp",
"modified": "2023-04-13T21:30:27Z",
"published": "2023-04-07T21:30:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27180"
},
{
"type": "WEB",
"url": "https://gist.github.com/Hadi999/d691e35d4f494d37ccc5638e68227606"
},
{
"type": "WEB",
"url": "https://github.com/chamilo/pclzip"
},
{
"type": "WEB",
"url": "https://www.gdidees.eu/cms-1-0.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V4W4-M4H5-JQF4
Vulnerability from github – Published: 2024-08-13 15:31 – Updated: 2024-08-13 15:31An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.
{
"affected": [],
"aliases": [
"CVE-2024-3913"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-13T13:15:12Z",
"severity": "HIGH"
},
"details": "An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.",
"id": "GHSA-v4w4-m4h5-jqf4",
"modified": "2024-08-13T15:31:35Z",
"published": "2024-08-13T15:31:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3913"
},
{
"type": "WEB",
"url": "https://cert.vde.com/en/advisories/VDE-2024-022"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V69J-Q2RV-25RQ
Vulnerability from github – Published: 2023-10-05 18:31 – Updated: 2025-05-20 09:30In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. This has been fixed in patch Q23094 as the 1E Client's temporary directory is now locked down
{
"affected": [],
"aliases": [
"CVE-2023-45160"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-05T16:15:12Z",
"severity": "HIGH"
},
"details": "In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. This has been fixed in patch Q23094 as the 1E Client\u0027s temporary directory is now locked down",
"id": "GHSA-v69j-q2rv-25rq",
"modified": "2025-05-20T09:30:59Z",
"published": "2023-10-05T18:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45160"
},
{
"type": "WEB",
"url": "https://1e.my.site.com/s"
},
{
"type": "WEB",
"url": "https://www.1e.com/trust-security-compliance/cve-info"
},
{
"type": "WEB",
"url": "https://www.1e.com/vulnerability-disclosure-policy"
},
{
"type": "WEB",
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/1e-2023-2002"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V6V2-8Q4W-PWMG
Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11A vulnerability in the \inc\config.php component of joyplus-cms v1.6 allows attackers to access sensitive information.
{
"affected": [],
"aliases": [
"CVE-2020-22124"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-18T18:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the \\inc\\config.php component of joyplus-cms v1.6 allows attackers to access sensitive information.",
"id": "GHSA-v6v2-8q4w-pwmg",
"modified": "2022-05-24T19:11:30Z",
"published": "2022-05-24T19:11:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22124"
},
{
"type": "WEB",
"url": "https://github.com/876054426/vul/issues/1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-V79F-MW24-4MX3
Vulnerability from github – Published: 2023-02-22 21:30 – Updated: 2023-03-03 03:30A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.
{
"affected": [],
"aliases": [
"CVE-2023-22974"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-22T21:15:00Z",
"severity": "HIGH"
},
"details": "A Path Traversal in setup.php in OpenEMR \u003c 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.",
"id": "GHSA-v79f-mw24-4mx3",
"modified": "2023-03-03T03:30:23Z",
"published": "2023-02-22T21:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22974"
},
{
"type": "WEB",
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#7.0.0_Patch_.2811.2F30.2F22.29"
},
{
"type": "WEB",
"url": "https://www.sonarsource.com/blog/openemr-remote-code-execution-in-your-healthcare-system"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V7M4-RWP4-VMRQ
Vulnerability from github – Published: 2026-05-12 18:30 – Updated: 2026-05-13 18:30The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion vulnerability in its file management API. The DELETE /storage/{object_name:path} endpoint lacks authentication, authorization, and input validation mechanisms. Unauthenticated remote attackers can send crafted requests with a user-controlled object_name path parameter to delete arbitrary files from the underlying MinIO storage system. Successful exploitation leads to data loss and denial of service.
{
"affected": [],
"aliases": [
"CVE-2026-31216"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T16:16:13Z",
"severity": "CRITICAL"
},
"details": "The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion vulnerability in its file management API. The DELETE /storage/{object_name:path} endpoint lacks authentication, authorization, and input validation mechanisms. Unauthenticated remote attackers can send crafted requests with a user-controlled object_name path parameter to delete arbitrary files from the underlying MinIO storage system. Successful exploitation leads to data loss and denial of service.",
"id": "GHSA-v7m4-rwp4-vmrq",
"modified": "2026-05-13T18:30:40Z",
"published": "2026-05-12T18:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31216"
},
{
"type": "WEB",
"url": "https://github.com/ModelEngine-Group/nexent"
},
{
"type": "WEB",
"url": "https://www.notion.so/CVE-2026-31216-35d1e139318881208297f0fbd8005f68"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.