CWE-552
AllowedFiles or Directories Accessible to External Parties
Abstraction: Base · Status: Draft
The product makes files or directories accessible to unauthorized actors, even though they should not be.
669 vulnerabilities reference this CWE, most recent first.
GHSA-WRJH-X85J-VVG8
Vulnerability from github – Published: 2024-10-30 18:30 – Updated: 2024-10-31 21:31A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including configuration files that may contain credentials and system settings, which could lead to further compromise of the server.
{
"affected": [],
"aliases": [
"CVE-2024-48647"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-30T18:15:07Z",
"severity": "HIGH"
},
"details": "A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server\u0027s file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including configuration files that may contain credentials and system settings, which could lead to further compromise of the server.",
"id": "GHSA-wrjh-x85j-vvg8",
"modified": "2024-10-31T21:31:45Z",
"published": "2024-10-30T18:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48647"
},
{
"type": "WEB",
"url": "https://github.com/hx381/Sage-1000-v7.0.0-Exploit/blob/main/README.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WRW5-8CW7-5JM9
Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2025-04-20 03:46Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
{
"affected": [],
"aliases": [
"CVE-2017-14942"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-09-30T01:29:00Z",
"severity": "CRITICAL"
},
"details": "Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.",
"id": "GHSA-wrw5-8cw7-5jm9",
"modified": "2025-04-20T03:46:06Z",
"published": "2022-05-13T01:43:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14942"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/42916"
},
{
"type": "WEB",
"url": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WV58-FX9P-FW8M
Vulnerability from github – Published: 2025-04-16 15:34 – Updated: 2025-04-16 15:34Local File Inclusion vulnerability in Ready's attachment upload panel allows low privileged user to provide link to a local file using the file:// protocol thus allowing the attacker to read content of the file. This vulnerability can be use to read content of system files.
{
"affected": [],
"aliases": [
"CVE-2025-1982"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-16T13:15:44Z",
"severity": "HIGH"
},
"details": "Local File Inclusion vulnerability in Ready\u0027s attachment upload panel allows low privileged user to provide link to a local file using the file:// protocol thus allowing the attacker to read content of the file. This vulnerability can be use to read content of system files.",
"id": "GHSA-wv58-fx9p-fw8m",
"modified": "2025-04-16T15:34:33Z",
"published": "2025-04-16T15:34:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1982"
},
{
"type": "WEB",
"url": "https://cert.pl/en/posts/2025/04/CVE-2025-1980"
},
{
"type": "WEB",
"url": "https://cert.pl/posts/2025/04/CVE-2025-1980"
},
{
"type": "WEB",
"url": "https://ready-os.com/pl"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-WX79-R3Q8-FQ9H
Vulnerability from github – Published: 2023-07-06 21:14 – Updated: 2023-07-06 23:28Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7775 to solve it.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.inlong:manager-service"
},
"ranges": [
{
"events": [
{
"introduced": "1.4.0"
},
{
"fixed": "1.7.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.inlong:manager-web"
},
"ranges": [
{
"events": [
{
"introduced": "1.4.0"
},
{
"fixed": "1.7.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-31066"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-06T23:28:55Z",
"nvd_published_at": "2023-05-22T16:15:10Z",
"severity": "CRITICAL"
},
"details": "Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could\u00a0delete, edit, stop, and start others\u0027 sources.\u00a0Users are advised to upgrade to Apache InLong\u0027s 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7775 to solve it.\n\n\n",
"id": "GHSA-wx79-r3q8-fq9h",
"modified": "2023-07-06T23:28:55Z",
"published": "2023-07-06T21:14:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31066"
},
{
"type": "WEB",
"url": "https://github.com/apache/inlong/pull/7775"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/inlong"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/x7y05wo37sq5l9fnmmsjh2dr9kcjrcxf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Apache InLong has Files or Directories Accessible to External Parties in Apache InLong"
}
GHSA-WXXJ-43FH-X378
Vulnerability from github – Published: 2024-01-29 15:30 – Updated: 2024-01-29 15:30A vulnerability has been found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as critical. This vulnerability affects unknown code of the file /runtime/log. The manipulation leads to files or directories accessible. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252274 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2024-1005"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-29T15:15:10Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as critical. This vulnerability affects unknown code of the file /runtime/log. The manipulation leads to files or directories accessible. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252274 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-wxxj-43fh-x378",
"modified": "2024-01-29T15:30:30Z",
"published": "2024-01-29T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1005"
},
{
"type": "WEB",
"url": "https://note.zhaoj.in/share/M9ERphWTXUPj"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.252274"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.252274"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X2WQ-HVXQ-C485
Vulnerability from github – Published: 2023-11-09 12:30 – Updated: 2023-11-09 12:30A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.
{
"affected": [],
"aliases": [
"CVE-2023-47612"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-09T12:15:07Z",
"severity": "MODERATE"
},
"details": "A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.",
"id": "GHSA-x2wq-hvxq-c485",
"modified": "2023-11-09T12:30:27Z",
"published": "2023-11-09T12:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47612"
},
{
"type": "WEB",
"url": "https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-194-telit-cinterion-thales-gemalto-modules-files-or-directories-accessible-to-external-parties-vulnerability"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X43G-GJ9X-838X
Vulnerability from github – Published: 2022-05-24 22:01 – Updated: 2023-10-19 18:55PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "phantomjs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.1.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-17221"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": true,
"github_reviewed_at": "2023-10-19T18:55:53Z",
"nvd_published_at": "2019-11-05T14:15:00Z",
"severity": "HIGH"
},
"details": "PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a `file://` URI. The vulnerability exists in the `page.open()` function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if `page.render()` is the function callback, this generates a PDF or an image of the targeted file. **NOTE**: this product is no longer developed.",
"id": "GHSA-x43g-gj9x-838x",
"modified": "2023-10-19T18:55:53Z",
"published": "2022-05-24T22:01:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17221"
},
{
"type": "PACKAGE",
"url": "https://github.com/Medium/phantomjs"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20191220171022/https://www.darkmatter.ae/blogs/breaching-the-perimeter-phantomjs-arbitrary-file-read"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "PhantomJS Arbitrary File Read"
}
GHSA-X52Q-3XGW-WHV2
Vulnerability from github – Published: 2022-02-10 00:00 – Updated: 2022-02-12 00:01In Mahara 20.10 before 20.10.4, 21.04 before 21.04.3, and 21.10 before 21.10.1, the names of folders in the Files area can be seen by a person not owning the folders. (Only folder names are affected. Neither file names nor file contents are affected.)
{
"affected": [],
"aliases": [
"CVE-2022-24694"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-09T05:15:00Z",
"severity": "MODERATE"
},
"details": "In Mahara 20.10 before 20.10.4, 21.04 before 21.04.3, and 21.10 before 21.10.1, the names of folders in the Files area can be seen by a person not owning the folders. (Only folder names are affected. Neither file names nor file contents are affected.)",
"id": "GHSA-x52q-3xgw-whv2",
"modified": "2022-02-12T00:01:02Z",
"published": "2022-02-10T00:00:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24694"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/mahara/+bug/1952808"
},
{
"type": "WEB",
"url": "https://mahara.org/interaction/forum/topic.php?id=8994"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-X57Q-R8QM-5VXR
Vulnerability from github – Published: 2024-09-26 12:32 – Updated: 2026-06-03 15:30Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations.This issue affects CyberMath: before CYBM.240816253.
{
"affected": [],
"aliases": [
"CVE-2024-7107"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-26T12:15:03Z",
"severity": "MODERATE"
},
"details": "Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations.This issue affects CyberMath: before CYBM.240816253.",
"id": "GHSA-x57q-r8qm-5vxr",
"modified": "2026-06-03T15:30:35Z",
"published": "2024-09-26T12:32:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7107"
},
{
"type": "WEB",
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1549"
},
{
"type": "WEB",
"url": "https://www.usom.gov.tr/bildirim/tr-24-1549"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-X5FC-JQ6W-W538
Vulnerability from github – Published: 2025-02-04 15:31 – Updated: 2025-02-04 15:31Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can capture the SFTP/FTP server password used for a firmware download operation initiated by SANnav or through WebEM in a weblinker core dump that is later captured via supportsave.
{
"affected": [],
"aliases": [
"CVE-2024-10403"
],
"database_specific": {
"cwe_ids": [
"CWE-528",
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-21T11:15:16Z",
"severity": "MODERATE"
},
"details": "Brocade Fabric OS versions before \n8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can \ncapture the SFTP/FTP server password used for a firmware download \noperation initiated by SANnav or through WebEM in a weblinker core dump \nthat is later captured via supportsave.",
"id": "GHSA-x5fc-jq6w-w538",
"modified": "2025-02-04T15:31:35Z",
"published": "2025-02-04T15:31:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10403"
},
{
"type": "WEB",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25145"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.