Common Weakness Enumeration

CWE-266

Allowed

Incorrect Privilege Assignment

Abstraction: Base · Status: Draft

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

1913 vulnerabilities reference this CWE, most recent first.

GHSA-5W3P-JVFF-VGWV

Vulnerability from github – Published: 2024-12-31 09:30 – Updated: 2024-12-31 09:30
VLAI
Details

A vulnerability was found in CodeAstro Online Food Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/all_users.php of the component All Users Page. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-13067"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-31T09:15:05Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in CodeAstro Online Food Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/all_users.php of the component All Users Page. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-5w3p-jvff-vgwv",
  "modified": "2024-12-31T09:30:45Z",
  "published": "2024-12-31T09:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13067"
    },
    {
      "type": "WEB",
      "url": "https://codeastro.com"
    },
    {
      "type": "WEB",
      "url": "https://github.com/shaturo1337/POCs/blob/main/Broken%20Access%20Control%20in%20Online%20Food%20Ordering%20System.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.289823"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.289823"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.472081"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-5W54-736M-65HF

Vulnerability from github – Published: 2026-06-15 21:30 – Updated: 2026-06-15 21:30
VLAI
Details

Subscriber Privilege Escalation in Amelia <= 2.3 versions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-48889"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-15T21:17:18Z",
    "severity": "HIGH"
  },
  "details": "Subscriber Privilege Escalation in Amelia \u003c= 2.3 versions.",
  "id": "GHSA-5w54-736m-65hf",
  "modified": "2026-06-15T21:30:49Z",
  "published": "2026-06-15T21:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48889"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/ameliabooking/vulnerability/wordpress-amelia-plugin-2-3-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5WCF-R54J-7XP9

Vulnerability from github – Published: 2025-05-06 15:31 – Updated: 2025-05-16 21:32
VLAI
Details

IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2898"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-06T15:16:01Z",
    "severity": "HIGH"
  },
  "details": "IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations.",
  "id": "GHSA-5wcf-r54j-7xp9",
  "modified": "2025-05-16T21:32:10Z",
  "published": "2025-05-06T15:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2898"
    },
    {
      "type": "WEB",
      "url": "https://https://www.ibm.com/support/pages/node/7232050"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7232050"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5XX4-VFW9-VHFP

Vulnerability from github – Published: 2026-04-12 00:32 – Updated: 2026-04-12 00:32
VLAI
Details

A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-6105"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-11T22:16:01Z",
    "severity": "MODERATE"
  },
  "details": "A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-5xx4-vfw9-vhfp",
  "modified": "2026-04-12T00:32:57Z",
  "published": "2026-04-12T00:32:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6105"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/ying-xiujie/cve/issues/IGB6M9"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/781598"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/356964"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/356964/cti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-5XX7-6VMR-GJWP

Vulnerability from github – Published: 2024-04-17 00:30 – Updated: 2024-08-01 15:31
VLAI
Details

An issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows an attacker to escalate privileges via the Session Expiration component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-31760"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-16T23:15:09Z",
    "severity": "MODERATE"
  },
  "details": "An issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows an attacker to escalate privileges via the Session Expiration component.",
  "id": "GHSA-5xx7-6vmr-gjwp",
  "modified": "2024-08-01T15:31:40Z",
  "published": "2024-04-17T00:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31760"
    },
    {
      "type": "WEB",
      "url": "https://github.com/flipped-aurora/gin-vue-admin/issues/1324"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158"
    },
    {
      "type": "WEB",
      "url": "https://github.com/menghaining/PoC/blob/main/gin-vue-admin/gin-vue-admin--PoC.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6222-M4W2-VPJJ

Vulnerability from github – Published: 2024-08-12 15:30 – Updated: 2025-08-22 09:30
VLAI
Details

Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6758"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266",
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-12T13:38:40Z",
    "severity": "MODERATE"
  },
  "details": "Improper Privilege Management\u00a0in\u00a0Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.",
  "id": "GHSA-6222-m4w2-vpjj",
  "modified": "2025-08-22T09:30:40Z",
  "published": "2024-08-12T15:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6758"
    },
    {
      "type": "WEB",
      "url": "https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/SPR-2407171_de.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-62C6-X54M-9Q5V

Vulnerability from github – Published: 2024-03-29 09:30 – Updated: 2024-03-29 09:30
VLAI
Details

The MasterStudy LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.1. This is due to insufficient validation checks within the _register_user() function called by the 'wp_ajax_nopriv_stm_lms_register' AJAX action. This makes it possible for unauthenticated attackers to register a user with administrator-level privileges when MasterStudy LMS Pro is installed and the LMS Forms Editor add-on is enabled.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-2409"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-29T09:15:07Z",
    "severity": "CRITICAL"
  },
  "details": "The MasterStudy LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.1. This is due to insufficient validation checks within the _register_user() function called by the \u0027wp_ajax_nopriv_stm_lms_register\u0027 AJAX action. This makes it possible for unauthenticated attackers to register a user with administrator-level privileges when MasterStudy LMS Pro is installed and the LMS Forms Editor add-on is enabled.",
  "id": "GHSA-62c6-x54m-9q5v",
  "modified": "2024-03-29T09:30:43Z",
  "published": "2024-03-29T09:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2409"
    },
    {
      "type": "WEB",
      "url": "https://docs.stylemixthemes.com/masterstudy-lms/changelog-free-version#id-3.3.2"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset/3059676/masterstudy-lms-learning-management-system"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/94736152-b365-4b3a-a786-ed49f7d0fc7a?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6373-275M-34G3

Vulnerability from github – Published: 2026-06-21 06:32 – Updated: 2026-06-21 06:32
VLAI
Details

A vulnerability was determined in AOMEI Backupper up to 8.3.0. Impacted is an unknown function in the library amwrtdrv.sys of the component Kernel Driver. Executing a manipulation can lead to improper access controls. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-12780"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-21T06:16:22Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability was determined in AOMEI Backupper up to 8.3.0. Impacted is an unknown function in the library amwrtdrv.sys of the component Kernel Driver. Executing a manipulation can lead to improper access controls. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-6373-275m-34g3",
  "modified": "2026-06-21T06:32:07Z",
  "published": "2026-06-21T06:32:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12780"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/cve/CVE-2026-12780"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/835609"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/372521"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/372521/cti"
    },
    {
      "type": "WEB",
      "url": "https://winslow1984.com/books/cve-collection/page/aomei-backupper-830-kernel-driver-amwrtdrvsys-local-privilege-escalation"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-639H-GPC4-26XV

Vulnerability from github – Published: 2025-08-16 00:30 – Updated: 2025-08-16 00:30
VLAI
Details

A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.1 is able to address this issue. The identifier of the patch is 89. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-20199"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-16T00:15:25Z",
    "severity": "LOW"
  },
  "details": "A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.1 is able to address this issue. The identifier of the patch is 89. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer.",
  "id": "GHSA-639h-gpc4-26xv",
  "modified": "2025-08-16T00:30:44Z",
  "published": "2025-08-16T00:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-20199"
    },
    {
      "type": "WEB",
      "url": "https://github.com/buttercup/buttercup-browser-extension/issues/92"
    },
    {
      "type": "WEB",
      "url": "https://github.com/buttercup/buttercup-browser-extension/issues/92#issuecomment-358449755"
    },
    {
      "type": "WEB",
      "url": "https://github.com/buttercup/buttercup-browser-extension/issues/92#issuecomment-372991430"
    },
    {
      "type": "WEB",
      "url": "https://github.com/buttercup/buttercup-browser-extension/pull/89"
    },
    {
      "type": "WEB",
      "url": "https://github.com/buttercup/buttercup-browser-extension/releases/tag/v1.0.1"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.319969"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.319969"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.628170"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-63HQ-54RP-QH3P

Vulnerability from github – Published: 2026-06-08 09:31 – Updated: 2026-06-08 09:32
VLAI
Details

A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-11497"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-08T09:16:29Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-63hq-54rp-qh3p",
  "modified": "2026-06-08T09:32:00Z",
  "published": "2026-06-08T09:31:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11497"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/cve/CVE-2026-11497"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/834823"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/369117"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/369117/cti"
    },
    {
      "type": "WEB",
      "url": "https://www.dlink.com"
    },
    {
      "type": "WEB",
      "url": "https://www.notion.so/D-link-DCS-5615_REV_1-01-00-3670ed14e5cb80e9be78f7d8dbf1e789?source=copy_link"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

No CAPEC attack patterns related to this CWE.