Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,512 vulnerabilities with CWE-276

CVE-2023-43984 HIGH

Smart Soft advancedexport <4.4.7 - Info Disclosure

CVE-2023-41726 HIGH

Ivanti Avalanche < 6.4.1.236 - Local Privilege Escalation via Incorrect Default Permissions

CVE-2023-4091 MEDIUM

Samba < 4.17.12 - Unauthorized File Truncation via SMB Overwrite Create Disposition

CVE-2023-5623 HIGH

Nessus Network Monitor < 6.3.0 - Incorrect Default Permissions

CVE-2023-45990 HIGH

WenwenaiCMS 1.0 - Privilege Escalation

CVE-2023-3112 HIGH

Elliptic Labs Virtual Lock Sensor - Privilege Escalation

CVE-2023-35183 HIGH

SolarWinds Access Rights Manager < 2023.2.0.73 - Authenticated Privilege Escalation via Local Resource Abuse

CVE-2023-35181 HIGH

SolarWinds Access Rights Manager < 2023.2.0.73 - Privilege Escalation via Incorrect Folder Permissions

CVE-2023-27133 CRITICAL

TSplus Remote Work 16.0.0.0 - Privilege Escalation

CVE-2023-45690 MEDIUM

Titan FTP Server and Titan MFT Server < 2.0.16.2277 - Sensitive File Exposure via Default File Permissions

CVE-2023-44194 HIGH

Junos OS Unauthenticated Privilege Escalation via Improper Directory Permissions

CVE-2023-3440 HIGH

Hitachi JP1/Performance Management - Incorrect Default Permissions

CVE-2023-4065 MEDIUM

Red Hat AMQ Broker Operator - Info Disclosure

CVE-2023-44157 HIGH

Acronis Cyber Protect 15 < 35979 - Local Privilege Escalation via Insecure Folder Permissions

CVE-2023-42261 HIGH

Mobile Security Framework <= 3.7.8 Beta - Insecure Default Permissions

CVE-2023-43496 HIGH

Jenkins < 2.414.2 and < 2.424 - Incorrect Default Permissions in Plugin Installation

CVE-2023-5042 HIGH

Acronis Cyber Protect Home Office < 40713 & True Image OEM < 42575 - Sensitive Info Disclosure via Insecure Permissions

CVE-2023-4088 CRITICAL

Mitsubishi Electric GX Works3 - Incorrect Default Permissions

CVE-2023-4664 HIGH

Saphira Connect < 9 - Privilege Escalation via Incorrect Default Permissions

CVE-2023-37878 MEDIUM

Wing FTP Server <= 7.2.0 - Privilege Escalation via Insecure Default Permissions

CVE-2023-31468 HIGH

Inosoft VisiWin <2022-2.1 - Privilege Escalation

CVE-2023-31068 CRITICAL

TSplus Remote Access <16.0.2.14 - Info Disclosure

CVE-2023-31067 CRITICAL

TSplus Remote Access <16.0.2.14 - Info Disclosure

CVE-2023-34352 MEDIUM

iPadOS < 16.5 - Unprotected User Data Exposure via Sensitive Information Redaction

CVE-2023-2737 MEDIUM

SafeNet Authentication Service 3.4.0 - Authenticated Denial of Service via Improper Log Permissions

Previous Page 25 of 61 Next

Details

Vulnerabilities 1,512

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy