CWE-1286
AllowedImproper Validation of Syntactic Correctness of Input
Abstraction: Base · Status: Incomplete
The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.
150 vulnerabilities reference this CWE, most recent first.
GHSA-3V44-23HF-Q5WP
Vulnerability from github – Published: 2024-11-26 09:30 – Updated: 2024-11-26 09:3051l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
{
"affected": [],
"aliases": [
"CVE-2024-8772"
],
"database_specific": {
"cwe_ids": [
"CWE-1286"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-26T08:15:08Z",
"severity": "MODERATE"
},
"details": "51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.",
"id": "GHSA-3v44-23hf-q5wp",
"modified": "2024-11-26T09:30:49Z",
"published": "2024-11-26T09:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8772"
},
{
"type": "WEB",
"url": "https://www.axis.com/dam/public/permalink/231072/cve-2024-8772pdf-en-US_InternalID-231072.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-3WQC-MWFX-672P
Vulnerability from github – Published: 2025-04-18 19:32 – Updated: 2025-07-17 21:10Summary
We have encountered a security vulnerability being reported by our scanners for Traefik 2.11.22. - https://security.snyk.io/vuln/SNYK-CHAINGUARDLATEST-TRAEFIK33-9403297
Details
It seems to target oauth2/jws library.
PoC
No steps to replicate this vulnerability
Impact
We have a strict control on security and we always try to stay up-to-date with the fixes received for third-party solutions.
Patches
- https://github.com/traefik/traefik/releases/tag/v2.11.24
- https://github.com/traefik/traefik/releases/tag/v3.3.6
- https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/traefik/traefik/v3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/traefik/traefik/v2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.11.24"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/traefik/traefik/v3"
},
"ranges": [
{
"events": [
{
"introduced": "3.4.0-rc1"
},
{
"fixed": "3.4.0-rc2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.4.0-rc1"
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-1286"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-18T19:32:23Z",
"nvd_published_at": "2025-02-26T08:14:24Z",
"severity": "HIGH"
},
"details": "### Summary\nWe have encountered a security vulnerability being reported by our scanners for Traefik 2.11.22.\n- https://security.snyk.io/vuln/SNYK-CHAINGUARDLATEST-TRAEFIK33-9403297\n\n### Details\nIt seems to target oauth2/jws library.\n\n### PoC\nNo steps to replicate this vulnerability\n\n### Impact\nWe have a strict control on security and we always try to stay up-to-date with the fixes received for third-party solutions.\n\n## Patches\n\n- https://github.com/traefik/traefik/releases/tag/v2.11.24\n- https://github.com/traefik/traefik/releases/tag/v3.3.6\n- https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2",
"id": "GHSA-3wqc-mwfx-672p",
"modified": "2025-07-17T21:10:43Z",
"published": "2025-04-18T19:32:23Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-3wqc-mwfx-672p"
},
{
"type": "PACKAGE",
"url": "https://github.com/traefik/traefik"
},
{
"type": "WEB",
"url": "https://github.com/traefik/traefik/releases/tag/v2.11.24"
},
{
"type": "WEB",
"url": "https://github.com/traefik/traefik/releases/tag/v3.3.6"
},
{
"type": "WEB",
"url": "https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-CHAINGUARDLATEST-TRAEFIK33-9403297"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Traefik affected by Go oauth2/jws Improper Validation of Syntactic Correctness of Input vulnerability"
}
GHSA-44RG-9789-64X6
Vulnerability from github – Published: 2026-06-02 00:31 – Updated: 2026-06-02 00:31Memory corruption while processing fastboot commands with invalid input.
{
"affected": [],
"aliases": [
"CVE-2026-24089"
],
"database_specific": {
"cwe_ids": [
"CWE-1286"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-01T23:16:19Z",
"severity": "HIGH"
},
"details": "Memory corruption while processing fastboot commands with invalid input.",
"id": "GHSA-44rg-9789-64x6",
"modified": "2026-06-02T00:31:58Z",
"published": "2026-06-02T00:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24089"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4F29-G223-2GRV
Vulnerability from github – Published: 2022-01-20 00:01 – Updated: 2022-01-27 00:03An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed DHCP packet to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If option-82 is configured in a DHCP snooping / -security scenario, jdhcpd crashes if a specific malformed DHCP request packet is received. The DHCP functionality is impacted while jdhcpd restarts, and continued exploitation of the vulnerability will lead to the unavailability of the DHCP service and thereby a sustained DoS. This issue affects Juniper Networks Junos OS 13.2 version 13.2R1 and later versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue does not affect Juniper Networks Junos OS version 12.3R12 and prior versions.
{
"affected": [],
"aliases": [
"CVE-2022-22176"
],
"database_specific": {
"cwe_ids": [
"CWE-1286",
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-19T01:15:00Z",
"severity": "MODERATE"
},
"details": "An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed DHCP packet to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If option-82 is configured in a DHCP snooping / -security scenario, jdhcpd crashes if a specific malformed DHCP request packet is received. The DHCP functionality is impacted while jdhcpd restarts, and continued exploitation of the vulnerability will lead to the unavailability of the DHCP service and thereby a sustained DoS. This issue affects Juniper Networks Junos OS 13.2 version 13.2R1 and later versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue does not affect Juniper Networks Junos OS version 12.3R12 and prior versions.",
"id": "GHSA-4f29-g223-2grv",
"modified": "2022-01-27T00:03:41Z",
"published": "2022-01-20T00:01:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22176"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA11282"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-4WCC-PJV3-VVW7
Vulnerability from github – Published: 2026-06-03 18:33 – Updated: 2026-06-03 18:33Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a denial-of-service vulnerability in all software versions that allows unauthenticated attackers to reboot the monitor by sending a malformed network packet. Attackers can repeatedly send such malformed packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity.
{
"affected": [],
"aliases": [
"CVE-2019-25720"
],
"database_specific": {
"cwe_ids": [
"CWE-1286"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-03T18:16:15Z",
"severity": "HIGH"
},
"details": "Dr\u00e4ger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a denial-of-service vulnerability in all software versions that allows unauthenticated attackers to reboot the monitor by sending a malformed network packet. Attackers can repeatedly send such malformed packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity.",
"id": "GHSA-4wcc-pjv3-vvw7",
"modified": "2026-06-03T18:33:10Z",
"published": "2026-06-03T18:33:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25720"
},
{
"type": "WEB",
"url": "https://static.draeger.com/security/download/2019-11-27-Draeger-SC7000-SC9000-security-advisory-update-v1-5.pdf"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/dr-ger-sc-monitoring-devices-dos-via-malformed-network-packet"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-54JF-4G54-RC94
Vulnerability from github – Published: 2025-06-26 21:31 – Updated: 2025-06-26 21:31An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device.
{
"affected": [],
"aliases": [
"CVE-2024-51983"
],
"database_specific": {
"cwe_ids": [
"CWE-1286"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-25T08:15:32Z",
"severity": "HIGH"
},
"details": "An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device.",
"id": "GHSA-54jf-4g54-rc94",
"modified": "2025-06-26T21:31:10Z",
"published": "2025-06-26T21:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51983"
},
{
"type": "WEB",
"url": "https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf"
},
{
"type": "WEB",
"url": "https://github.com/sfewer-r7/BrotherVulnerabilities"
},
{
"type": "WEB",
"url": "https://support.brother.com/g/b/link.aspx?prod=group2\u0026faqid=faq00100846_000"
},
{
"type": "WEB",
"url": "https://support.brother.com/g/b/link.aspx?prod=group2\u0026faqid=faq00100848_000"
},
{
"type": "WEB",
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0625_announce.html"
},
{
"type": "WEB",
"url": "https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0001.pdf"
},
{
"type": "WEB",
"url": "https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed"
},
{
"type": "WEB",
"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000007"
},
{
"type": "WEB",
"url": "https://www.toshibatec.com/information/20250625_02.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5556-Q3WJ-F3QC
Vulnerability from github – Published: 2025-06-04 12:30 – Updated: 2025-06-04 12:30Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40077.
{
"affected": [],
"aliases": [
"CVE-2025-30415"
],
"database_specific": {
"cwe_ids": [
"CWE-1286"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-04T12:15:20Z",
"severity": "HIGH"
},
"details": "Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40077.",
"id": "GHSA-5556-q3wj-f3qc",
"modified": "2025-06-04T12:30:36Z",
"published": "2025-06-04T12:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30415"
},
{
"type": "WEB",
"url": "https://security-advisory.acronis.com/advisories/SEC-8646"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-55G2-Q5J8-WW6G
Vulnerability from github – Published: 2026-06-02 00:31 – Updated: 2026-06-02 00:31Memory Corruption when processing fastboot commands to set display mode.
{
"affected": [],
"aliases": [
"CVE-2026-24092"
],
"database_specific": {
"cwe_ids": [
"CWE-1286"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-01T23:16:20Z",
"severity": "HIGH"
},
"details": "Memory Corruption when processing fastboot commands to set display mode.",
"id": "GHSA-55g2-q5j8-ww6g",
"modified": "2026-06-02T00:31:58Z",
"published": "2026-06-02T00:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24092"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-597X-9GJ9-7Q4X
Vulnerability from github – Published: 2025-01-22 18:31 – Updated: 2025-01-22 18:31The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked when encountering illegal characters, resulting in a crash of Routinator.
{
"affected": [],
"aliases": [
"CVE-2025-0638"
],
"database_specific": {
"cwe_ids": [
"CWE-1286"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-22T16:15:29Z",
"severity": "HIGH"
},
"details": "The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked when encountering illegal characters, resulting in a crash of Routinator.",
"id": "GHSA-597x-9gj9-7q4x",
"modified": "2025-01-22T18:31:55Z",
"published": "2025-01-22T18:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0638"
},
{
"type": "WEB",
"url": "https://www.nlnetlabs.nl/downloads/routinator/CVE-2025-0638.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6GJ5-936C-VHWV
Vulnerability from github – Published: 2026-06-02 00:31 – Updated: 2026-06-02 00:31Memory corruption while processing fastboot commands with improperly formatted input.
{
"affected": [],
"aliases": [
"CVE-2026-24091"
],
"database_specific": {
"cwe_ids": [
"CWE-1286"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-01T23:16:19Z",
"severity": "HIGH"
},
"details": "Memory corruption while processing fastboot commands with improperly formatted input.",
"id": "GHSA-6gj5-936c-vhwv",
"modified": "2026-06-02T00:31:58Z",
"published": "2026-06-02T00:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24091"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
CAPEC-66: SQL Injection
This attack exploits target software that constructs SQL statements based on user input. An attacker crafts input strings so that when the target software constructs SQL statements based on the input, the resulting SQL statement performs actions other than those the application intended. SQL Injection results from failure of the application to appropriately validate input.
CAPEC-676: NoSQL Injection
An adversary targets software that constructs NoSQL statements based on user input or with parameters vulnerable to operator replacement in order to achieve a variety of technical impacts such as escalating privileges, bypassing authentication, and/or executing code.