CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-F4V9-V847-JCVH
Vulnerability from github – Published: 2026-01-15 15:31 – Updated: 2026-01-15 15:31An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration.
{
"affected": [],
"aliases": [
"CVE-2026-22916"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-15T13:16:06Z",
"severity": "MODERATE"
},
"details": "An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration.",
"id": "GHSA-f4v9-v847-jcvh",
"modified": "2026-01-15T15:31:18Z",
"published": "2026-01-15T15:31:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22916"
},
{
"type": "WEB",
"url": "https://sick.com/psirt"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"type": "WEB",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"type": "WEB",
"url": "https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.json"
},
{
"type": "WEB",
"url": "https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.pdf"
},
{
"type": "WEB",
"url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-F5HX-M48W-JH25
Vulnerability from github – Published: 2026-02-22 09:30 – Updated: 2026-02-22 09:30A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/update_smtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2026-2938"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-22T09:16:11Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/update_smtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-f5hx-m48w-jh25",
"modified": "2026-02-22T09:30:26Z",
"published": "2026-02-22T09:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2938"
},
{
"type": "WEB",
"url": "https://github.com/Shaon-Xis/SRMS-1.0---Unauthenticated-SMTP-Hijacking-to-Account-Takeover"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.347310"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.347310"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.755345"
},
{
"type": "WEB",
"url": "https://www.sourcecodester.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-F5M3-9GMR-6WRH
Vulnerability from github – Published: 2026-01-15 18:31 – Updated: 2026-01-15 18:31Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. Attackers can exploit the unsafe Sudo settings by using mount commands to bind a shell, enabling unauthorized system-level privileges.
{
"affected": [],
"aliases": [
"CVE-2021-47799"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-15T16:16:10Z",
"severity": "HIGH"
},
"details": "Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. Attackers can exploit the unsafe Sudo settings by using mount commands to bind a shell, enabling unauthorized system-level privileges.",
"id": "GHSA-f5m3-9gmr-6wrh",
"modified": "2026-01-15T18:31:32Z",
"published": "2026-01-15T18:31:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47799"
},
{
"type": "WEB",
"url": "https://visual-tools.com"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/50104"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-F5VJ-X5WW-FR7R
Vulnerability from github – Published: 2025-08-29 03:30 – Updated: 2025-08-29 03:30A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
{
"affected": [],
"aliases": [
"CVE-2025-9602"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-29T02:15:32Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.",
"id": "GHSA-f5vj-x5ww-fr7r",
"modified": "2025-08-29T03:30:50Z",
"published": "2025-08-29T03:30:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9602"
},
{
"type": "WEB",
"url": "https://github.com/rainrocka/xinhu/issues/9"
},
{
"type": "WEB",
"url": "https://github.com/rainrocka/xinhu/issues/9#issue-3327894144"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.321778"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.321778"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.636383"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-F5VQ-PQ35-3QQC
Vulnerability from github – Published: 2025-05-06 15:31 – Updated: 2025-05-06 15:31A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn't been mirrored yet, they are granted "Admin" permissions on the newly created repository.
{
"affected": [],
"aliases": [
"CVE-2025-4374"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-06T15:16:05Z",
"severity": "MODERATE"
},
"details": "A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn\u0027t been mirrored yet, they are granted \"Admin\" permissions on the newly created repository.",
"id": "GHSA-f5vq-pq35-3qqc",
"modified": "2025-05-06T15:31:11Z",
"published": "2025-05-06T15:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4374"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-4374"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364267"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-F6PX-CPFG-VX5V
Vulnerability from github – Published: 2025-03-02 12:33 – Updated: 2025-03-02 12:33A vulnerability, which was classified as critical, was found in pbrong hrms up to 1.0.1. This affects the function HrmsDB of the file \resource\resource.go. The manipulation of the argument user_cookie leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-1815"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-02T12:15:36Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as critical, was found in pbrong hrms up to 1.0.1. This affects the function HrmsDB of the file \\resource\\resource.go. The manipulation of the argument user_cookie leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-f6px-cpfg-vx5v",
"modified": "2025-03-02T12:33:53Z",
"published": "2025-03-02T12:33:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1815"
},
{
"type": "WEB",
"url": "https://github.com/A7cc/cve/issues/4"
},
{
"type": "WEB",
"url": "https://github.com/A7cc/cve/issues/4#issue-2877111776"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.298083"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.298083"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.506544"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-F8VJ-VMGJ-67X6
Vulnerability from github – Published: 2026-07-10 00:31 – Updated: 2026-07-10 00:31A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10 and EX200 up to 20260906. Affected by this issue is some unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. The manipulation leads to least privilege violation. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitation is known to be difficult.
{
"affected": [],
"aliases": [
"CVE-2026-15271"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-09T22:17:02Z",
"severity": "HIGH"
},
"details": "A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10 and EX200 up to 20260906. Affected by this issue is some unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. The manipulation leads to least privilege violation. The attack may be initiated remotely. The attack\u0027s complexity is rated as high. The exploitation is known to be difficult.",
"id": "GHSA-f8vj-vmgj-67x6",
"modified": "2026-07-10T00:31:24Z",
"published": "2026-07-10T00:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15271"
},
{
"type": "WEB",
"url": "https://app.notion.com/p/A3000RU-V5-9c-5185-37a1f5ba989080d38bb6ca58b2a98c64?source=copy_link"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-15271"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/852316"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/852317"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/852318"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/852319"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/852320"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/852321"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/852323"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/377214"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/377214/cti"
},
{
"type": "WEB",
"url": "https://www.totolink.net"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-F93X-3RMR-5F55
Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges.
{
"affected": [],
"aliases": [
"CVE-2017-12711"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-30T18:29:00Z",
"severity": "HIGH"
},
"details": "An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges.",
"id": "GHSA-f93x-3rmr-5f55",
"modified": "2022-05-13T01:37:45Z",
"published": "2022-05-13T01:37:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12711"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100526"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F9HH-982G-8CWQ
Vulnerability from github – Published: 2025-01-15 21:31 – Updated: 2025-01-15 21:31A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfig_doedit.php of the component Backend. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-0484"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-15T20:15:29Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfig_doedit.php of the component Backend. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-f9hh-982g-8cwq",
"modified": "2025-01-15T21:31:42Z",
"published": "2025-01-15T21:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0484"
},
{
"type": "WEB",
"url": "https://github.com/Fanli2012/native-php-cms/issues/6"
},
{
"type": "WEB",
"url": "https://github.com/Fanli2012/native-php-cms/issues/6#issue-2769903928"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.291929"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.291929"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.475245"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-F9RQ-5867-X4MQ
Vulnerability from github – Published: 2026-07-10 03:31 – Updated: 2026-07-10 03:31A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. This affects the function IPAllowlist of the file web/backend/middleware/access_control.go of the component Launcher. Such manipulation leads to improper access controls. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The name of the patch is 3126. A patch should be applied to remediate this issue.
{
"affected": [],
"aliases": [
"CVE-2026-15319"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-10T03:16:20Z",
"severity": "MODERATE"
},
"details": "A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. This affects the function IPAllowlist of the file web/backend/middleware/access_control.go of the component Launcher. Such manipulation leads to improper access controls. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The name of the patch is 3126. A patch should be applied to remediate this issue.",
"id": "GHSA-f9rq-5867-x4mq",
"modified": "2026-07-10T03:31:30Z",
"published": "2026-07-10T03:31:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15319"
},
{
"type": "WEB",
"url": "https://github.com/sipeed/picoclaw/issues/3069"
},
{
"type": "WEB",
"url": "https://github.com/sipeed/picoclaw/pull/3126"
},
{
"type": "WEB",
"url": "https://github.com/sipeed/picoclaw"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-15319"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/852884"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/377259"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/377259/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.