Common Weakness Enumeration

CWE-266

Allowed

Incorrect Privilege Assignment

Abstraction: Base · Status: Draft

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

1913 vulnerabilities reference this CWE, most recent first.

GHSA-3C5H-34FF-Q9QH

Vulnerability from github – Published: 2025-03-17 18:31 – Updated: 2025-03-17 18:31
VLAI
Details

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-49561"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-17T18:15:20Z",
    "severity": "HIGH"
  },
  "details": "Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.",
  "id": "GHSA-3c5h-34ff-q9qh",
  "modified": "2025-03-17T18:31:53Z",
  "published": "2025-03-17T18:31:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49561"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000289970/dsa-2025-070-security-update-for-dell-networking-os10-vulnerabilities"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000293638/dsa-2025-069-security-update-for-dell-networking-os10-vulnerabilities"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000294091/dsa-2025-079-security-update-for-dell-networking-os10-vulnerabilities"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000295014/dsa-2025-068-security-update-for-dell-networking-os10-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3CH6-FJMW-MJ86

Vulnerability from github – Published: 2025-12-05 18:31 – Updated: 2025-12-05 18:31
VLAI
Details

A vulnerability was identified in Himool ERP up to 2.2. Affected by this issue is the function update_account of the file /api/admin/update_account/ of the component AdminActionViewSet. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-14089"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-05T16:15:48Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was identified in Himool ERP up to 2.2. Affected by this issue is the function update_account of the file /api/admin/update_account/ of the component AdminActionViewSet. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-3ch6-fjmw-mj86",
  "modified": "2025-12-05T18:31:10Z",
  "published": "2025-12-05T18:31:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14089"
    },
    {
      "type": "WEB",
      "url": "https://github.com/caigo8/CVE-md/blob/main/BoxwoodERP/%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.334479"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.334479"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.696049"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3CP9-7899-H8R7

Vulnerability from github – Published: 2024-08-21 15:30 – Updated: 2026-04-23 15:32
VLAI
Details

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from 1.9 through 6.3.0.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-28000"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-21T14:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from 1.9 through 6.3.0.1.",
  "id": "GHSA-3cp9-7899-h8r7",
  "modified": "2026-04-23T15:32:24Z",
  "published": "2024-08-21T15:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28000"
    },
    {
      "type": "WEB",
      "url": "https://packetstorm.news/files/id/200819"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/articles/critical-privilege-escalation-in-litespeed-cache-plugin-affecting-5-million-sites?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-3-0-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-6-3-0-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://thehackernews.com/2024/08/critical-flaw-in-wordpress-litespeed.html?m=1"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/52328"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3GCP-58M3-9FP5

Vulnerability from github – Published: 2025-06-13 00:33 – Updated: 2025-06-13 00:33
VLAI
Details

An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-4228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-13T00:15:23Z",
    "severity": "MODERATE"
  },
  "details": "An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex\u00ae XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root.",
  "id": "GHSA-3gcp-58m3-9fp5",
  "modified": "2025-06-13T00:33:18Z",
  "published": "2025-06-13T00:33:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4228"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4228"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3GPH-8868-XM4R

Vulnerability from github – Published: 2023-09-06 21:32 – Updated: 2024-04-04 07:32
VLAI
Details

SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to access Admin functionality.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-10129"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266",
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-06T19:15:43Z",
    "severity": "HIGH"
  },
  "details": "SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to access Admin functionality.",
  "id": "GHSA-3gph-8868-xm4r",
  "modified": "2024-04-04T07:32:16Z",
  "published": "2023-09-06T21:32:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10129"
    },
    {
      "type": "WEB",
      "url": "https://developer.searchblox.com/v9.2/changelog/version-91"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3H6M-4CMJ-F665

Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-17 18:35
VLAI
Details

Subscriber Privilege Escalation in Sonaar <= 4.27.4 versions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-59563"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-17T13:19:15Z",
    "severity": "HIGH"
  },
  "details": "Subscriber Privilege Escalation in Sonaar \u003c= 4.27.4 versions.",
  "id": "GHSA-3h6m-4cmj-f665",
  "modified": "2026-06-17T18:35:42Z",
  "published": "2026-06-17T18:35:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59563"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/theme/sonaar/vulnerability/wordpress-sonaar-theme-4-27-4-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3JMM-QP9W-H326

Vulnerability from github – Published: 2024-05-03 18:30 – Updated: 2024-08-01 15:31
VLAI
Details

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27453"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T18:15:09Z",
    "severity": "HIGH"
  },
  "details": "In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI).",
  "id": "GHSA-3jmm-qp9w-h326",
  "modified": "2024-08-01T15:31:43Z",
  "published": "2024-05-03T18:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27453"
    },
    {
      "type": "WEB",
      "url": "https://extreme-networks.my.site.com/ExtrArticleDetail?an=000118266"
    },
    {
      "type": "WEB",
      "url": "https://www.exsiliumsecurity.com/CVE-2024-27453.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3JRF-74H9-V6JF

Vulnerability from github – Published: 2025-12-25 21:30 – Updated: 2025-12-25 21:30
VLAI
Details

A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function getMemberByMobile of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java. This manipulation causes improper access controls. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-15086"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-25T21:15:40Z",
    "severity": "MODERATE"
  },
  "details": "A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function getMemberByMobile of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java. This manipulation causes improper access controls. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-3jrf-74h9-v6jf",
  "modified": "2025-12-25T21:30:11Z",
  "published": "2025-12-25T21:30:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15086"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Hwwg/cve/issues/27"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.338414"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.338414"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.708176"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3P98-P9MV-8P9F

Vulnerability from github – Published: 2025-10-22 15:31 – Updated: 2026-01-20 15:31
VLAI
Details

Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through <= 6.4.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-53428"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-22T15:15:51Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through \u003c= 6.4.",
  "id": "GHSA-3p98-p9mv-8p9f",
  "modified": "2026-01-20T15:31:28Z",
  "published": "2025-10-22T15:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53428"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/wp-registration/vulnerability/wordpress-simple-user-registration-plugin-6-4-privilege-escalation-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://vdp.patchstack.com/database/Wordpress/Plugin/wp-registration/vulnerability/wordpress-simple-user-registration-plugin-6-4-privilege-escalation-vulnerability"
    },
    {
      "type": "WEB",
      "url": "https://vdp.patchstack.com/database/Wordpress/Plugin/wp-registration/vulnerability/wordpress-simple-user-registration-plugin-6-4-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3Q33-478H-MRCG

Vulnerability from github – Published: 2025-07-16 12:30 – Updated: 2026-04-01 18:35
VLAI
Details

Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP allows Privilege Escalation. This issue affects The E-Commerce ERP: from n/a through 2.1.1.3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-52836"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-16T12:15:29Z",
    "severity": "CRITICAL"
  },
  "details": "Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP allows Privilege Escalation. This issue affects The E-Commerce ERP: from n/a through 2.1.1.3.",
  "id": "GHSA-3q33-478h-mrcg",
  "modified": "2026-04-01T18:35:48Z",
  "published": "2025-07-16T12:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52836"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/profitori/vulnerability/wordpress-the-e-commerce-erp-2-1-1-3-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

No CAPEC attack patterns related to this CWE.