1. Home
  2. Weaknesses
  3. CWE-426

CWE-426: Untrusted Search Path

ID CWE-426
Abstraction Base
Structure Simple
Status Stable
Number of CVEs 486
Detail CAPEC Dashboard Vulnerabilities Web & Social
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

This might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the product uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted product would then execute. The problem extends to any type of critical resource that the product trusts.

Some of the most common variants of untrusted search path are:

  • In various UNIX and Linux-based systems, the PATH environment variable may be consulted to locate executable programs, and LD_PRELOAD may be used to locate a separate library.
  • In various Microsoft-based systems, the PATH environment variable is consulted to locate a DLL, if the DLL is not found in other paths that appear earlier in the search order.

Modes of Introduction

Phase Note
Implementation

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific
Operating_system Not OS-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-642 External Control of Critical State Data Class Simple Draft
CWE-1003 Weaknesses for Simplified Mapping of Published Vulnerabilities Incomplete CWE-668 Exposure of Resource to Wrong Sphere Class Simple Draft
CWE-1000 Research Concepts Draft CWE-673 External Influence of Sphere Definition Class Simple Draft
CWE-1000 Research Concepts Draft CWE-427 Uncontrolled Search Path Element Base Simple Draft
CWE-1000 Research Concepts Draft CWE-428 Unquoted Search Path or Element Base Simple Draft

Common Attack Pattern Enumeration and Classification (CAPEC)

The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.

CAPEC at Mitre.org
# ID Name Weaknesses
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths CWE-426

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date