CWE-749
AllowedExposed Dangerous Method or Function
Abstraction: Base · Status: Incomplete
The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.
304 vulnerabilities reference this CWE, most recent first.
GHSA-Q39J-4CH7-55C3
Vulnerability from github – Published: 2023-10-03 09:32 – Updated: 2023-11-02 12:30cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,...). This vulnerability can be triggered by an HTTP endpoint exposed to the network.
{
"affected": [],
"aliases": [
"CVE-2023-3655"
],
"database_specific": {
"cwe_ids": [
"CWE-749"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-03T08:15:35Z",
"severity": "HIGH"
},
"details": "cashIT! - serving solutions. Devices from \"PoS/ Dienstleistung, Entwicklung \u0026 Vertrieb GmbH\" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,...).\u00a0This vulnerability can be triggered by an HTTP endpoint exposed to the network.\n",
"id": "GHSA-q39j-4ch7-55c3",
"modified": "2023-11-02T12:30:16Z",
"published": "2023-10-03T09:32:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3655"
},
{
"type": "WEB",
"url": "https://doi.org/10.35011/ww2q-d522"
},
{
"type": "WEB",
"url": "https://www.cashit.at"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-Q7VG-5VWJ-J32J
Vulnerability from github – Published: 2023-09-11 21:30 – Updated: 2024-04-04 07:36?The affected product does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote code execution.0
{
"affected": [],
"aliases": [
"CVE-2023-40150"
],
"database_specific": {
"cwe_ids": [
"CWE-749"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-11T20:15:10Z",
"severity": "CRITICAL"
},
"details": "\n?The affected product does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote code execution.0",
"id": "GHSA-q7vg-5vwj-j32j",
"modified": "2024-04-04T07:36:10Z",
"published": "2023-09-11T21:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40150"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-248-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QP65-HWV9-52VM
Vulnerability from github – Published: 2023-03-29 21:30 – Updated: 2024-11-27 21:32This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the saveAs method. The application exposes a JavaScript interface that allows the attacker to write arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-17527.
{
"affected": [],
"aliases": [
"CVE-2022-37365"
],
"database_specific": {
"cwe_ids": [
"CWE-749"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-29T19:15:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the saveAs method. The application exposes a JavaScript interface that allows the attacker to write arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-17527.",
"id": "GHSA-qp65-hwv9-52vm",
"modified": "2024-11-27T21:32:41Z",
"published": "2023-03-29T21:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37365"
},
{
"type": "WEB",
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1093"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QWX7-39PW-2MHR
Vulnerability from github – Published: 2025-01-14 15:25 – Updated: 2025-05-21 14:14Problem
A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method.
Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions:
- the user opens a malicious link, such as one sent via email.
- the user visits a compromised or manipulated website while the following settings are misconfigured:
security.backend.enforceReferrerfeature is disabled,BE/cookieSameSiteconfiguration is set tolaxornone
The vulnerability in the affected downstream component “Dashboard Module” allows attackers to manipulate the victim’s dashboard configuration.
Solution
Update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS that fix the problem described.
Credits
Thanks to TYPO3 core and security members Benjamin Franzke, Oliver Hader, Andreas Kienast, Torben Hansen, Elias Häußler who fixed the issue.
References
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 10.4.47"
},
"package": {
"ecosystem": "Packagist",
"name": "typo3/cms-dashboard"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0"
},
{
"fixed": "10.4.48"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 11.5.41"
},
"package": {
"ecosystem": "Packagist",
"name": "typo3/cms-dashboard"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0"
},
{
"fixed": "11.5.42"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 12.4.24"
},
"package": {
"ecosystem": "Packagist",
"name": "typo3/cms-dashboard"
},
"ranges": [
{
"events": [
{
"introduced": "12.0.0"
},
{
"fixed": "12.4.25"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 13.4.2"
},
"package": {
"ecosystem": "Packagist",
"name": "typo3/cms-dashboard"
},
"ranges": [
{
"events": [
{
"introduced": "13.0.0"
},
{
"fixed": "13.4.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-55920"
],
"database_specific": {
"cwe_ids": [
"CWE-352",
"CWE-749"
],
"github_reviewed": true,
"github_reviewed_at": "2025-01-14T15:25:45Z",
"nvd_published_at": "2025-01-14T20:15:29Z",
"severity": "MODERATE"
},
"details": "### Problem\nA vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method.\n\nSuccessful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions:\n\n* the user opens a malicious link, such as one sent via email.\n* the user visits a compromised or manipulated website while the following settings are misconfigured:\n + `security.backend.enforceReferrer` feature is disabled,\n + `BE/cookieSameSite` configuration is set to `lax` or `none`\n\nThe vulnerability in the affected downstream component \u201cDashboard Module\u201d allows attackers to manipulate the victim\u2019s dashboard configuration.\n\n### Solution\nUpdate to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS that fix the problem described.\n\n### Credits\nThanks to TYPO3 core and security members Benjamin Franzke, Oliver Hader, Andreas Kienast, Torben Hansen, Elias H\u00e4u\u00dfler who fixed the issue.\n\n### References\n* [TYPO3-CORE-SA-2025-005](https://typo3.org/security/advisory/typo3-core-sa-2025-005)",
"id": "GHSA-qwx7-39pw-2mhr",
"modified": "2025-05-21T14:14:55Z",
"published": "2025-01-14T15:25:45Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-qwx7-39pw-2mhr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55920"
},
{
"type": "WEB",
"url": "https://github.com/TYPO3-CMS/dashboard/commit/c2e5dbdda87387ad9ee2ff8ca986d41dd9424875"
},
{
"type": "PACKAGE",
"url": "https://github.com/TYPO3-CMS/dashboard"
},
{
"type": "WEB",
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-005"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "TYPO3 Cross-Site Request Forgery in Dashboard Module"
}
GHSA-QWXJ-4879-P647
Vulnerability from github – Published: 2025-04-16 03:30 – Updated: 2025-04-16 15:34Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to information leakage risk.
{
"affected": [],
"aliases": [
"CVE-2025-3698"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-749"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-16T03:15:18Z",
"severity": "HIGH"
},
"details": "Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to information leakage risk.",
"id": "GHSA-qwxj-4879-p647",
"modified": "2025-04-16T15:34:29Z",
"published": "2025-04-16T03:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3698"
},
{
"type": "WEB",
"url": "https://security.tecno.com/SRC/blogdetail/410?lang=en_US"
},
{
"type": "WEB",
"url": "https://security.tecno.com/SRC/securityUpdates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R2WW-664M-74G3
Vulnerability from github – Published: 2025-06-06 18:30 – Updated: 2025-06-06 18:30WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the Tuya communications module software. The issue results from the exposure of a method allowing the upload of crafted software images to the module. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26349.
{
"affected": [],
"aliases": [
"CVE-2025-5748"
],
"database_specific": {
"cwe_ids": [
"CWE-749"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-06T16:15:29Z",
"severity": "HIGH"
},
"details": "WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the Tuya communications module software. The issue results from the exposure of a method allowing the upload of crafted software images to the module. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26349.",
"id": "GHSA-r2ww-664m-74g3",
"modified": "2025-06-06T18:30:32Z",
"published": "2025-06-06T18:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5748"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-327"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RFP3-MJ77-X334
Vulnerability from github – Published: 2024-05-03 03:31 – Updated: 2024-05-03 03:31Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. User interaction is required to exploit this vulnerability in that an administrator must trigger a shutdown operation.
The specific flaw exists within the shutdown method. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22065.
{
"affected": [],
"aliases": [
"CVE-2023-51584"
],
"database_specific": {
"cwe_ids": [
"CWE-749"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T03:16:18Z",
"severity": "HIGH"
},
"details": "Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. User interaction is required to exploit this vulnerability in that an administrator must trigger a shutdown operation.\n\nThe specific flaw exists within the shutdown method. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22065.",
"id": "GHSA-rfp3-mj77-x334",
"modified": "2024-05-03T03:31:07Z",
"published": "2024-05-03T03:31:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51584"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1889"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RG97-RFV3-8CJ5
Vulnerability from github – Published: 2024-04-02 00:30 – Updated: 2024-04-02 00:30Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the updateManagerPassword function. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-21203.
{
"affected": [],
"aliases": [
"CVE-2023-51573"
],
"database_specific": {
"cwe_ids": [
"CWE-749"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-01T22:15:10Z",
"severity": "CRITICAL"
},
"details": "Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the updateManagerPassword function. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-21203.",
"id": "GHSA-rg97-rfv3-8cj5",
"modified": "2024-04-02T00:30:46Z",
"published": "2024-04-02T00:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51573"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1879"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RH8G-F78W-JWHW
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the copyContent command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19944.
{
"affected": [],
"aliases": [
"CVE-2023-40500"
],
"database_specific": {
"cwe_ids": [
"CWE-749"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T03:15:24Z",
"severity": "CRITICAL"
},
"details": "LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyContent command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19944.",
"id": "GHSA-rh8g-f78w-jwhw",
"modified": "2024-05-03T03:30:58Z",
"published": "2024-05-03T03:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40500"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1206"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RHF5-HM94-QQ7F
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the exportAsText method. The application exposes a JavaScript interface that allows the attacker to write arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-20230.
{
"affected": [],
"aliases": [
"CVE-2023-37330"
],
"database_specific": {
"cwe_ids": [
"CWE-749"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:43Z",
"severity": "HIGH"
},
"details": "Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the exportAsText method. The application exposes a JavaScript interface that allows the attacker to write arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-20230.",
"id": "GHSA-rhf5-hm94-qq7f",
"modified": "2024-05-03T03:30:53Z",
"published": "2024-05-03T03:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37330"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-925"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
If you must expose a method, make sure to perform input validation on all arguments, limit access to authorized parties, and protect against all possible vulnerabilities.
Mitigation
Strategy: Attack Surface Reduction
- Identify all exposed functionality. Explicitly list all functionality that must be exposed to some user or set of users. Identify which functionality may be:
- Ensure that the implemented code follows these expectations. This includes setting the appropriate access modifiers where applicable (public, private, protected, etc.) or not marking ActiveX controls safe-for-scripting.
- accessible to all users
- restricted to a small set of privileged users
- prevented from being directly accessible at all
CAPEC-500: WebView Injection
An adversary, through a previously installed malicious application, injects code into the context of a web page displayed by a WebView component. Through the injected code, an adversary is able to manipulate the DOM tree and cookies of the page, expose sensitive information, and can launch attacks against the web application from within the web page.