CWE-552: Files or Directories Accessible to External Parties — known CVE vulnerabilities
CVEs classified under CWE-552 (Files or Directories Accessible to External Parties), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2025-41240 — CVSS 10.0 (critical): Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server…
CVE-2024-56731 — CVSS 10.0 (critical): Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and…
CVE-2024-6209 — CVSS 10.0 (critical): Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker…
CVE-2025-14771 — CVSS 9.9 (critical): Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.
CVE-2021-43821 — CVSS 9.9 (critical): Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast before version 9.10 or 10.6 allows references to…
CVE-2026-40624 — CVSS 9.8 (critical): Improper input validation in AVer PTC500S, PTC115, PTC500+, and PTC115+ cameras may allow a remote, unauthenticated attacker to achieve…
CVE-2019-25709 — CVSS 9.8 (critical): CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db…
CVE-2026-33698 — CVSS 9.8 (critical): Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the…
CVE-2026-2331 — CVSS 9.8 (critical): An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due…
CVE-2020-37082 — CVSS 9.8 (critical): webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without…
CVE-2024-5262 — CVSS 9.8 (critical): Files or Directories Accessible to External Parties vulnerability in smb server in ProjectDiscovery Interactsh allows remote attackers to…
CVE-2023-48710 — CVSS 9.8 (critical): iTop is an IT service management platform. Files from the `env-production` folder can be retrieved even though they should have restricted…
CVE-2023-50164 — CVSS 9.8 (critical): An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious…
CVE-2022-25299 — CVSS 9.8 (critical): This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mg_http_upload() method may…
CVE-2021-1361 — CVSS 9.8 (critical): A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000…
CVE-2020-10516 — CVSS 9.8 (critical): An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate…
CVE-2020-12743 — CVSS 9.8 (critical): An issue was discovered in Gazie 7.32. A successful installation does not remove or block (or in any other way prevent use of) its own file…
CVE-2017-14942 — CVSS 9.8 (critical): Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct…
CVE-2017-10930 — CVSS 9.8 (critical): The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being…
CVE-2015-5211 — CVSS 9.6 (critical): Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to…
CVE-2026-2330 — CVSS 9.4 (critical): An attacker may access restricted filesystem areas on the device via the CROWN REST interface due to incomplete whitelist enforcement…
CVE-2026-34361 — CVSS 9.3 (critical): HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR…
CVE-2024-6878: Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource…
CVE-2026-31216 — CVSS 9.1 (critical): The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion vulnerability in its file management API. The…
CVE-2026-31215 — CVSS 9.1 (critical): The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface…
CVE-2025-69990 — CVSS 9.1 (critical): phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in remove_file.php. The parameter file can cause any file…
CVE-2024-48864 — CVSS 9.1 (critical): A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the…
CVE-2025-21609 — CVSS 9.1 (critical): SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion…
CVE-2023-31066 — CVSS 9.1 (critical): Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache…
CVE-2018-10867 — CVSS 9.1 (critical): Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove…
CVE-2016-20025 — CVSS 8.8 (high): ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate…
CVE-2025-32819 — CVSS 8.8 (high): A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete…
CVE-2024-50627 — CVSS 8.8 (high): An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It…
CVE-2024-36442 — CVSS 8.8 (high): cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the…
CVE-2023-39479 — CVSS 8.8 (high): Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote attackers to create…
CVE-2023-39545 — CVSS 8.8 (high): CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X…
CVE-2023-45160 — CVSS 8.8 (high): In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a…
CVE-2023-0822 — CVSS 8.8 (high): The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization, which could allow an unauthorized user to…
CVE-2022-23508 — CVSS 8.8 (high): Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes…
CVE-2022-45052 — CVSS 8.8 (high): A Local File Inclusion vulnerability has been found in Axiell Iguana CMS. Due to insufficient neutralisation of user input on the url…
CVE-2021-4112 — CVSS 8.8 (high): A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to…
CVE-2022-32143 — CVSS 8.8 (high): In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware…
CVE-2021-25741 — CVSS 8.8 (high): A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files &…
CVE-2021-32688 — CVSS 8.8 (high): Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server supports application specific tokens for authentication…
CVE-2021-20182 — CVSS 8.8 (high): A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted…