CWE-863
Allowed-with-ReviewIncorrect Authorization
Abstraction: Class · Status: Incomplete
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
5556 vulnerabilities reference this CWE, most recent first.
GHSA-R848-G58F-V3HW
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-05-24 19:06When styling and rendering an oversized <select> element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox < 89.
{
"affected": [],
"aliases": [
"CVE-2021-29961"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-24T14:15:00Z",
"severity": "MODERATE"
},
"details": "When styling and rendering an oversized `\u003cselect\u003e` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox \u003c 89.",
"id": "GHSA-r848-g58f-v3hw",
"modified": "2022-05-24T19:06:09Z",
"published": "2022-05-24T19:06:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29961"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1700235"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202107-09"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2021-23"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R849-826X-WGQM
Vulnerability from github – Published: 2026-03-19 03:30 – Updated: 2026-03-20 13:40Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-wm8r-w8pf-2v6w. This link is maintained to preserve external references.
Original Description
OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where Signal group allowlist policy incorrectly accepts sender identities from DM pairing-store approvals. Attackers can exploit this boundary weakness by obtaining DM pairing approval to bypass group allowlist checks and gain unauthorized group access.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c 2026.2.26"
},
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-20T13:40:02Z",
"nvd_published_at": "2026-03-19T02:16:03Z",
"severity": "LOW"
},
"details": "## Duplicate Advisory\n\nThis advisory has been withdrawn because it is a duplicate of GHSA-wm8r-w8pf-2v6w. This link is maintained to preserve external references.\n\n## Original Description\nOpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where Signal group allowlist policy incorrectly accepts sender identities from DM pairing-store approvals. Attackers can exploit this boundary weakness by obtaining DM pairing approval to bypass group allowlist checks and gain unauthorized group access.",
"id": "GHSA-r849-826x-wgqm",
"modified": "2026-03-20T13:40:02Z",
"published": "2026-03-19T03:30:57Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-wm8r-w8pf-2v6w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31991"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/64de4b6d6ae81e269ceb4ca16f53cda99ced967a"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/8bdda7a651c21e98faccdbbd73081e79cffe8be0"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-dm-pairing-store-leakage-in-signal-group-allowlist"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
],
"summary": "Duplicate Advisory: Signal group allowlist authorization bypass via DM pairing-store leakage",
"withdrawn": "2026-03-20T13:40:02Z"
}
GHSA-R855-VCGQ-F3FH
Vulnerability from github – Published: 2026-01-06 18:31 – Updated: 2026-01-06 18:31iDS6 DSSPro Digital Signage System 6.2 contains an improper access control vulnerability that allows authenticated users to elevate privileges through console JavaScript functions. Attackers can create users, modify roles and permissions, and potentially achieve full application takeover by exploiting insecure direct object references.
{
"affected": [],
"aliases": [
"CVE-2020-36920"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-06T16:15:48Z",
"severity": "HIGH"
},
"details": "iDS6 DSSPro Digital Signage System 6.2 contains an improper access control vulnerability that allows authenticated users to elevate privileges through console JavaScript functions. Attackers can create users, modify roles and permissions, and potentially achieve full application takeover by exploiting insecure direct object references.",
"id": "GHSA-r855-vcgq-f3fh",
"modified": "2026-01-06T18:31:34Z",
"published": "2026-01-06T18:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36920"
},
{
"type": "WEB",
"url": "https://cxsecurity.com/issue/WLB-2020110025"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/191260"
},
{
"type": "WEB",
"url": "https://packetstorm.news/files/id/159918"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20200919100215/http://www.yerootech.com"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/48992"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/ids-dsspro-digital-signage-system-privilege-escalation-via-access-control"
},
{
"type": "WEB",
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5608.php"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R868-F942-GCW7
Vulnerability from github – Published: 2024-09-27 12:31 – Updated: 2024-09-27 12:31Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
{
"affected": [],
"aliases": [
"CVE-2024-9136"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-27T11:15:13Z",
"severity": "MODERATE"
},
"details": "Access permission verification vulnerability in the App Multiplier module\nImpact: Successful exploitation of this vulnerability may affect service confidentiality.",
"id": "GHSA-r868-f942-gcw7",
"modified": "2024-09-27T12:31:40Z",
"published": "2024-09-27T12:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9136"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2024/10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R887-HMXM-R2H5
Vulnerability from github – Published: 2026-03-11 03:31 – Updated: 2026-03-11 03:31Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have limited impact to the integrity and availability of data. The exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction.
{
"affected": [],
"aliases": [
"CVE-2026-21359"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-11T03:15:55Z",
"severity": "MODERATE"
},
"details": "Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have limited impact to the integrity and availability of data. The exploit depends on conditions beyond the attacker\u0027s control. Exploitation of this issue does not require user interaction.",
"id": "GHSA-r887-hmxm-r2h5",
"modified": "2026-03-11T03:31:28Z",
"published": "2026-03-11T03:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21359"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/magento/apsb26-05.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-R89H-R4W4-JR4P
Vulnerability from github – Published: 2021-12-02 00:00 – Updated: 2022-06-29 00:00Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent unauthenticated attacker to bypass access restriction, and to obtain anti-CSRF tokens and change the product's settings via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2021-20862"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-01T03:15:00Z",
"severity": "MODERATE"
},
"details": "Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent unauthenticated attacker to bypass access restriction, and to obtain anti-CSRF tokens and change the product\u0027s settings via unspecified vectors.",
"id": "GHSA-r89h-r4w4-jr4p",
"modified": "2022-06-29T00:00:42Z",
"published": "2021-12-02T00:00:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20862"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU94527926/index.html"
},
{
"type": "WEB",
"url": "https://www.elecom.co.jp/news/security/20211130-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R8FF-5HFF-RPRQ
Vulnerability from github – Published: 2022-12-20 18:30 – Updated: 2025-04-17 15:32D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.
{
"affected": [],
"aliases": [
"CVE-2022-46076"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-20T17:15:00Z",
"severity": "HIGH"
},
"details": "D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.",
"id": "GHSA-r8ff-5hff-rprq",
"modified": "2025-04-17T15:32:31Z",
"published": "2022-12-20T18:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46076"
},
{
"type": "WEB",
"url": "https://github.com/Zarathustra-L/IoT_Vul/tree/main/D-Link/DIR-869"
},
{
"type": "WEB",
"url": "https://www.dlink.com/en/security-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R8H3-XCC9-62RW
Vulnerability from github – Published: 2022-09-14 00:00 – Updated: 2022-09-18 00:00The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch cleartext passwords upon a successful login request.
{
"affected": [],
"aliases": [
"CVE-2022-38769"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-13T23:15:00Z",
"severity": "HIGH"
},
"details": "The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch cleartext passwords upon a successful login request.",
"id": "GHSA-r8h3-xcc9-62rw",
"modified": "2022-09-18T00:00:32Z",
"published": "2022-09-14T00:00:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38769"
},
{
"type": "WEB",
"url": "https://mojodat-vulnerabilities.netlify.app"
},
{
"type": "WEB",
"url": "https://transtek.com/mojodat-fixed-assets"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R8V4-4FM3-V2P5
Vulnerability from github – Published: 2022-04-12 00:00 – Updated: 2022-04-20 00:01A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
{
"affected": [],
"aliases": [
"CVE-2022-22254"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-11T20:15:00Z",
"severity": "HIGH"
},
"details": "A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.",
"id": "GHSA-r8v4-4fm3-v2p5",
"modified": "2022-04-20T00:01:09Z",
"published": "2022-04-12T00:00:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22254"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4"
},
{
"type": "WEB",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R8VM-PXWG-4RMM
Vulnerability from github – Published: 2023-06-12 21:30 – Updated: 2024-04-04 04:44Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method.
{
"affected": [],
"aliases": [
"CVE-2023-32220"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-12T21:15:22Z",
"severity": "CRITICAL"
},
"details": "Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method.",
"id": "GHSA-r8vm-pxwg-4rmm",
"modified": "2024-04-04T04:44:31Z",
"published": "2023-06-12T21:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32220"
},
{
"type": "WEB",
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation MIT-4.4
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
No CAPEC attack patterns related to this CWE.